Update March 2023
父节点
8b9009e483
当前提交
97f76b17a8
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 22 more country items available. Please use our online service to access the data.
|
||||
There are 21 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -52,67 +52,68 @@ ID | Type | Indicator | Confidence
|
|||
1 | File | `.github/workflows/combine-prs.yml` | High
|
||||
2 | File | `/Admin/add-student.php` | High
|
||||
3 | File | `/admin/api/admin/articles/` | High
|
||||
4 | File | `/admin/conferences/list/` | High
|
||||
5 | File | `/admin/generalsettings.php` | High
|
||||
6 | File | `/Admin/login.php` | High
|
||||
7 | File | `/admin/payment.php` | High
|
||||
8 | File | `/admin/reports.php` | High
|
||||
9 | File | `/admin/showbad.php` | High
|
||||
10 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
11 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
12 | File | `/apilog.php` | Medium
|
||||
13 | File | `/bin/httpd` | Medium
|
||||
14 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/connectors/index.php` | High
|
||||
16 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
17 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
18 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
21 | File | `/fos/admin/index.php?page=menu` | High
|
||||
22 | File | `/home/masterConsole` | High
|
||||
23 | File | `/home/sendBroadcast` | High
|
||||
24 | File | `/hrm/employeeadd.php` | High
|
||||
25 | File | `/hrm/employeeview.php` | High
|
||||
26 | File | `/index.php` | Medium
|
||||
27 | File | `/items/view_item.php` | High
|
||||
28 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
29 | File | `/lookin/info` | Medium
|
||||
30 | File | `/manager/index.php` | High
|
||||
31 | File | `/medical/inventories.php` | High
|
||||
32 | File | `/modules/profile/index.php` | High
|
||||
33 | File | `/modules/projects/vw_files.php` | High
|
||||
34 | File | `/modules/public/calendar.php` | High
|
||||
35 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
36 | File | `/newsDia.php` | Medium
|
||||
37 | File | `/out.php` | Medium
|
||||
38 | File | `/php-opos/index.php` | High
|
||||
39 | File | `/proxy` | Low
|
||||
40 | File | `/public/launchNewWindow.jsp` | High
|
||||
41 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
42 | File | `/reports/rwservlet` | High
|
||||
43 | File | `/sacco_shield/manage_user.php` | High
|
||||
44 | File | `/spip.php` | Medium
|
||||
45 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
46 | File | `/staff/bookdetails.php` | High
|
||||
47 | File | `/TeleoptiWFM/Administration/GetOneTenant` | High
|
||||
48 | File | `/uncpath/` | Medium
|
||||
49 | File | `/user/update_booking.php` | High
|
||||
50 | File | `/WEB-INF/web.xml` | High
|
||||
51 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
52 | File | `/wireless/security.asp` | High
|
||||
53 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
54 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
55 | File | `01article.php` | High
|
||||
56 | File | `AbstractScheduleJob.java` | High
|
||||
57 | File | `actionphp/download.File.php` | High
|
||||
58 | File | `AdClass.php` | Medium
|
||||
59 | File | `adclick.php` | Medium
|
||||
60 | File | `addtocart.asp` | High
|
||||
61 | File | `admin.php` | Medium
|
||||
62 | ... | ... | ...
|
||||
4 | File | `/Admin/login.php` | High
|
||||
5 | File | `/admin/showbad.php` | High
|
||||
6 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
7 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
8 | File | `/apilog.php` | Medium
|
||||
9 | File | `/APR/login.php` | High
|
||||
10 | File | `/bin/httpd` | Medium
|
||||
11 | File | `/cgi-bin/wapopen` | High
|
||||
12 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
13 | File | `/connectors/index.php` | High
|
||||
14 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
15 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
16 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
17 | File | `/forum/away.php` | High
|
||||
18 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
19 | File | `/fos/admin/index.php?page=menu` | High
|
||||
20 | File | `/home/masterConsole` | High
|
||||
21 | File | `/home/sendBroadcast` | High
|
||||
22 | File | `/hrm/employeeadd.php` | High
|
||||
23 | File | `/hrm/employeeview.php` | High
|
||||
24 | File | `/index.php` | Medium
|
||||
25 | File | `/items/view_item.php` | High
|
||||
26 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
27 | File | `/lookin/info` | Medium
|
||||
28 | File | `/manager/index.php` | High
|
||||
29 | File | `/medical/inventories.php` | High
|
||||
30 | File | `/modules/profile/index.php` | High
|
||||
31 | File | `/modules/projects/vw_files.php` | High
|
||||
32 | File | `/modules/public/calendar.php` | High
|
||||
33 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
34 | File | `/newsDia.php` | Medium
|
||||
35 | File | `/out.php` | Medium
|
||||
36 | File | `/php-opos/index.php` | High
|
||||
37 | File | `/proxy` | Low
|
||||
38 | File | `/public/launchNewWindow.jsp` | High
|
||||
39 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
40 | File | `/reports/rwservlet` | High
|
||||
41 | File | `/sacco_shield/manage_user.php` | High
|
||||
42 | File | `/spip.php` | Medium
|
||||
43 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
44 | File | `/staff/bookdetails.php` | High
|
||||
45 | File | `/uncpath/` | Medium
|
||||
46 | File | `/user/update_booking.php` | High
|
||||
47 | File | `/WEB-INF/web.xml` | High
|
||||
48 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
49 | File | `/wireless/security.asp` | High
|
||||
50 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
51 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
52 | File | `01article.php` | High
|
||||
53 | File | `AbstractScheduleJob.java` | High
|
||||
54 | File | `actionphp/download.File.php` | High
|
||||
55 | File | `activenews_view.asp` | High
|
||||
56 | File | `adclick.php` | Medium
|
||||
57 | File | `addtocart.asp` | High
|
||||
58 | File | `admin.php` | Medium
|
||||
59 | File | `admin/abc.php` | High
|
||||
60 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
61 | File | `admin/admin/adminsave.html` | High
|
||||
62 | File | `admin/conf_users_edit.php` | High
|
||||
63 | ... | ... | ...
|
||||
|
||||
There are 539 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 555 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -102,7 +102,7 @@ ID | Type | Indicator | Confidence
|
|||
39 | File | `affich.php` | Medium
|
||||
40 | ... | ... | ...
|
||||
|
||||
There are 342 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 348 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -134,7 +134,7 @@ ID | Type | Indicator | Confidence
|
|||
27 | File | `/tmp/zarafa-vacation-*` | High
|
||||
28 | ... | ... | ...
|
||||
|
||||
There are 232 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 235 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -91,32 +91,32 @@ ID | Type | Indicator | Confidence
|
|||
11 | File | `/attachments` | Medium
|
||||
12 | File | `/boat/login.php` | High
|
||||
13 | File | `/bsms_ci/index.php/book` | High
|
||||
14 | File | `/cgi-bin/login.cgi` | High
|
||||
15 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
16 | File | `/ci_hms/massage_room/edit/1` | High
|
||||
17 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
18 | File | `/dashboard/reports/logs/view` | High
|
||||
19 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
20 | File | `/debug/pprof` | Medium
|
||||
21 | File | `/etc/hosts` | Medium
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/goform/setmac` | High
|
||||
24 | File | `/goform/wizard_end` | High
|
||||
25 | File | `/hprms/admin/doctors/manage_doctor.php` | High
|
||||
26 | File | `/index/jobfairol/show/` | High
|
||||
27 | File | `/manage-apartment.php` | High
|
||||
28 | File | `/medicines/profile.php` | High
|
||||
29 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
30 | File | `/pages/apply_vacancy.php` | High
|
||||
31 | File | `/proc/<PID>/mem` | High
|
||||
32 | File | `/project/PROJECTNAME/reports/` | High
|
||||
33 | File | `/proxy` | Low
|
||||
34 | File | `/reservation/add_message.php` | High
|
||||
35 | File | `/spip.php` | Medium
|
||||
36 | File | `/tmp` | Low
|
||||
14 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
15 | File | `/ci_hms/massage_room/edit/1` | High
|
||||
16 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
17 | File | `/dashboard/reports/logs/view` | High
|
||||
18 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
19 | File | `/debug/pprof` | Medium
|
||||
20 | File | `/etc/hosts` | Medium
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/goform/setmac` | High
|
||||
23 | File | `/goform/wizard_end` | High
|
||||
24 | File | `/manage-apartment.php` | High
|
||||
25 | File | `/medicines/profile.php` | High
|
||||
26 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
27 | File | `/pages/apply_vacancy.php` | High
|
||||
28 | File | `/proc/<PID>/mem` | High
|
||||
29 | File | `/project/PROJECTNAME/reports/` | High
|
||||
30 | File | `/proxy` | Low
|
||||
31 | File | `/reservation/add_message.php` | High
|
||||
32 | File | `/spip.php` | Medium
|
||||
33 | File | `/tmp` | Low
|
||||
34 | File | `/uncpath/` | Medium
|
||||
35 | File | `/upload` | Low
|
||||
36 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
37 | ... | ... | ...
|
||||
|
||||
There are 316 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 313 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -45,7 +45,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-23 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-29 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
|
@ -60,21 +60,22 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/api/RecordingList/DownloadRecord?file=` | High
|
||||
2 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
3 | File | `/get_getnetworkconf.cgi` | High
|
||||
4 | File | `/goform/RgDhcp` | High
|
||||
5 | File | `/goform/RGFirewallEL` | High
|
||||
6 | File | `/horde/util/go.php` | High
|
||||
7 | File | `/rapi/read_url` | High
|
||||
8 | File | `/uncpath/` | Medium
|
||||
9 | File | `/usr/bin/pkexec` | High
|
||||
10 | File | `/wp-admin/admin-post.php?es_skip=1&option_name` | High
|
||||
11 | File | `/wp-content/uploads/photo-gallery/` | High
|
||||
12 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
13 | File | `bb_usage_stats.php` | High
|
||||
14 | ... | ... | ...
|
||||
2 | File | `/apply.cgi` | Medium
|
||||
3 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
4 | File | `/get_getnetworkconf.cgi` | High
|
||||
5 | File | `/goform/RgDhcp` | High
|
||||
6 | File | `/goform/RGFirewallEL` | High
|
||||
7 | File | `/horde/util/go.php` | High
|
||||
8 | File | `/rapi/read_url` | High
|
||||
9 | File | `/uncpath/` | Medium
|
||||
10 | File | `/usr/bin/pkexec` | High
|
||||
11 | File | `/wp-admin/admin-post.php?es_skip=1&option_name` | High
|
||||
12 | File | `/wp-content/uploads/photo-gallery/` | High
|
||||
13 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
14 | File | `appserv/main.php` | High
|
||||
15 | ... | ... | ...
|
||||
|
||||
There are 113 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 115 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -65,32 +65,32 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin/` | Low
|
||||
2 | File | `/cgi-bin/cgiServer.exx` | High
|
||||
3 | File | `/cgi-bin/login_action.cgi` | High
|
||||
4 | File | `/cgi-bin/nobody/Search.cgi` | High
|
||||
5 | File | `/cgi-bin/webviewer_login_page` | High
|
||||
6 | File | `/dev/sg0` | Medium
|
||||
7 | File | `/event/runquery.do` | High
|
||||
8 | File | `/filemanager/php/connector.php` | High
|
||||
9 | File | `/forum/away.php` | High
|
||||
10 | File | `/goform/setmac` | High
|
||||
11 | File | `/log_download.cgi` | High
|
||||
12 | File | `/manager?action=getlogcat` | High
|
||||
13 | File | `/mgmt/tm/util/bash` | High
|
||||
14 | File | `/pages/systemcall.php?command={COMMAND}` | High
|
||||
15 | File | `/password.html` | High
|
||||
16 | File | `/system/ws/v11/ss/email` | High
|
||||
17 | File | `/uncpath/` | Medium
|
||||
18 | File | `/upload` | Low
|
||||
19 | File | `add_vhost.php` | High
|
||||
20 | File | `admin/images.aspx` | High
|
||||
21 | File | `admin/index.php` | High
|
||||
22 | File | `adv2.php?action=modify` | High
|
||||
23 | File | `agent.cfg` | Medium
|
||||
24 | File | `arch/x86/include/asm/fpu/internal.h` | High
|
||||
2 | File | `/api/` | Low
|
||||
3 | File | `/cgi-bin/cgiServer.exx` | High
|
||||
4 | File | `/cgi-bin/login_action.cgi` | High
|
||||
5 | File | `/cgi-bin/nobody/Search.cgi` | High
|
||||
6 | File | `/cgi-bin/webviewer_login_page` | High
|
||||
7 | File | `/dev/sg0` | Medium
|
||||
8 | File | `/event/runquery.do` | High
|
||||
9 | File | `/filemanager/php/connector.php` | High
|
||||
10 | File | `/forum/away.php` | High
|
||||
11 | File | `/goform/setmac` | High
|
||||
12 | File | `/log_download.cgi` | High
|
||||
13 | File | `/manager?action=getlogcat` | High
|
||||
14 | File | `/mgmt/tm/util/bash` | High
|
||||
15 | File | `/pages/systemcall.php?command={COMMAND}` | High
|
||||
16 | File | `/password.html` | High
|
||||
17 | File | `/system/ws/v11/ss/email` | High
|
||||
18 | File | `/uncpath/` | Medium
|
||||
19 | File | `/upload` | Low
|
||||
20 | File | `add_vhost.php` | High
|
||||
21 | File | `admin/images.aspx` | High
|
||||
22 | File | `admin/index.php` | High
|
||||
23 | File | `adv2.php?action=modify` | High
|
||||
24 | File | `agent.cfg` | Medium
|
||||
25 | ... | ... | ...
|
||||
|
||||
There are 209 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 211 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -91,9 +91,10 @@ ID | Type | Indicator | Confidence
|
|||
28 | File | `/plugins/servlet/project-config/PROJECT/roles` | High
|
||||
29 | File | `/replication` | Medium
|
||||
30 | File | `/RestAPI` | Medium
|
||||
31 | ... | ... | ...
|
||||
31 | File | `/SASWebReportStudio/logonAndRender.do` | High
|
||||
32 | ... | ... | ...
|
||||
|
||||
There are 268 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 270 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -56,20 +56,20 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `//etc/RT2870STA.dat` | High
|
||||
2 | File | `/admin/index.php?id=themes&action=edit_template&filename=blog` | High
|
||||
3 | File | `/bin/boa` | Medium
|
||||
4 | File | `/cgi-bin/wapopen` | High
|
||||
5 | File | `/cwp_{SESSION_HASH}/admin/loader_ajax.php` | High
|
||||
6 | File | `/jquery_file_upload/server/php/index.php` | High
|
||||
7 | File | `/librarian/bookdetails.php` | High
|
||||
8 | File | `/magnoliaPublic/travel/members/login.html` | High
|
||||
9 | File | `/Main_AdmStatus_Content.asp` | High
|
||||
10 | File | `/requests.php` | High
|
||||
11 | File | `/server-status` | High
|
||||
12 | File | `/uncpath/` | Medium
|
||||
13 | File | `/var/log/nginx` | High
|
||||
3 | File | `/appConfig/userDB.json` | High
|
||||
4 | File | `/bin/boa` | Medium
|
||||
5 | File | `/cgi-bin/wapopen` | High
|
||||
6 | File | `/cwp_{SESSION_HASH}/admin/loader_ajax.php` | High
|
||||
7 | File | `/jquery_file_upload/server/php/index.php` | High
|
||||
8 | File | `/librarian/bookdetails.php` | High
|
||||
9 | File | `/magnoliaPublic/travel/members/login.html` | High
|
||||
10 | File | `/Main_AdmStatus_Content.asp` | High
|
||||
11 | File | `/requests.php` | High
|
||||
12 | File | `/server-status` | High
|
||||
13 | File | `/uncpath/` | Medium
|
||||
14 | ... | ... | ...
|
||||
|
||||
There are 108 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 115 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [NL](https://vuldb.com/?country.nl)
|
||||
* ...
|
||||
|
||||
There are 23 more country items available. Please use our online service to access the data.
|
||||
There are 22 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -2236,38 +2236,41 @@ ID | Type | Indicator | Confidence
|
|||
20 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
21 | File | `/env` | Low
|
||||
22 | File | `/etc/sudoers` | Medium
|
||||
23 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
26 | File | `/fos/admin/index.php?page=menu` | High
|
||||
27 | File | `/goform/WifiBasicSet` | High
|
||||
28 | File | `/goform/WifiGuestSet` | High
|
||||
29 | File | `/hardware` | Medium
|
||||
30 | File | `/home/masterConsole` | High
|
||||
31 | File | `/home/sendBroadcast` | High
|
||||
32 | File | `/hrm/controller/employee.php` | High
|
||||
33 | File | `/hrm/employeeadd.php` | High
|
||||
34 | File | `/hrm/employeeview.php` | High
|
||||
35 | File | `/IISADMPWD` | Medium
|
||||
36 | File | `/includes/login.php` | High
|
||||
37 | File | `/index.php` | Medium
|
||||
38 | File | `/Items/*/RemoteImages/Download` | High
|
||||
39 | File | `/jerry-core/parser/js/js-scanner-util.c` | High
|
||||
40 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
41 | File | `/lookin/info` | Medium
|
||||
42 | File | `/Moosikay/order.php` | High
|
||||
43 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
44 | File | `/out.php` | Medium
|
||||
45 | File | `/pet_shop/admin/orders/update_status.php` | High
|
||||
46 | File | `/php-fusion/infusions/shoutbox_panel/shoutbox_archive.php` | High
|
||||
47 | File | `/php-opos/index.php` | High
|
||||
48 | File | `/proxy` | Low
|
||||
49 | File | `/psrs/admin/?page=inquiries/view_inquiry` | High
|
||||
50 | File | `/reports/rwservlet` | High
|
||||
51 | File | `/sacco_shield/manage_payment.php` | High
|
||||
52 | ... | ... | ...
|
||||
23 | File | `/forum/away.php` | High
|
||||
24 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
25 | File | `/fos/admin/index.php?page=menu` | High
|
||||
26 | File | `/goform/WifiBasicSet` | High
|
||||
27 | File | `/goform/WifiGuestSet` | High
|
||||
28 | File | `/hardware` | Medium
|
||||
29 | File | `/home/masterConsole` | High
|
||||
30 | File | `/home/sendBroadcast` | High
|
||||
31 | File | `/hrm/controller/employee.php` | High
|
||||
32 | File | `/IISADMPWD` | Medium
|
||||
33 | File | `/index.php` | Medium
|
||||
34 | File | `/Items/*/RemoteImages/Download` | High
|
||||
35 | File | `/jerry-core/parser/js/js-scanner-util.c` | High
|
||||
36 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
37 | File | `/Moosikay/order.php` | High
|
||||
38 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
39 | File | `/out.php` | Medium
|
||||
40 | File | `/pet_shop/admin/orders/update_status.php` | High
|
||||
41 | File | `/php-fusion/infusions/shoutbox_panel/shoutbox_archive.php` | High
|
||||
42 | File | `/php-opos/index.php` | High
|
||||
43 | File | `/proxy` | Low
|
||||
44 | File | `/psrs/admin/?page=inquiries/view_inquiry` | High
|
||||
45 | File | `/public/launchNewWindow.jsp` | High
|
||||
46 | File | `/reports/rwservlet` | High
|
||||
47 | File | `/sacco_shield/manage_payment.php` | High
|
||||
48 | File | `/spip.php` | Medium
|
||||
49 | File | `/start_apply.htm` | High
|
||||
50 | File | `/student/bookdetails.php` | High
|
||||
51 | File | `/tmp/ibmsupt` | Medium
|
||||
52 | File | `/uncpath/` | Medium
|
||||
53 | File | `/upload` | Low
|
||||
54 | File | `/user/loader.php?api=1` | High
|
||||
55 | ... | ... | ...
|
||||
|
||||
There are 453 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 477 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -0,0 +1,30 @@
|
|||
# African Regional Industrial Property Organization Unknown - Cyber Threat Intelligence
|
||||
|
||||
These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [African Regional Industrial Property Organization Unknown](https://vuldb.com/?actor.african_regional_industrial_property_organization_unknown). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
|
||||
|
||||
_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.african_regional_industrial_property_organization_unknown](https://vuldb.com/?actor.african_regional_industrial_property_organization_unknown)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of African Regional Industrial Property Organization Unknown.
|
||||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [182.50.184.0](https://vuldb.com/?ip.182.50.184.0) | - | - | High
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ipdeny_country/id_country_ap.netset
|
||||
|
||||
## Literature
|
||||
|
||||
The following _articles_ explain our unique predictive cyber threat intelligence:
|
||||
|
||||
* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
|
||||
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
|
||||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
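Review bot: The only IOC in this new file, `182.50.184.0`, is rated `High`, yet the sole reference is a country allocation netset (`ipdeny_country/id_country_ap.netset`), which on its face records address registration rather than observed activity. The address also looks like a network base address, so it is unclear whether a single host or a whole range is meant. Someone importing this table into a blocklist or detection rule would inherit that ambiguity at the highest confidence level. Consider lowering the rating, or adding a line under the table such as `Note: derived from a geo-allocation list; treat as a network range, not a confirmed host.`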
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CH](https://vuldb.com/?country.ch)
|
||||
* ...
|
||||
|
||||
There are 27 more country items available. Please use our online service to access the data.
|
||||
There are 26 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -96,10 +96,9 @@ ID | Type | Indicator | Confidence
|
|||
43 | File | `/ptms/classes/Users.php` | High
|
||||
44 | File | `/resources//../` | High
|
||||
45 | File | `/rest/api/2/search` | High
|
||||
46 | File | `/s/` | Low
|
||||
47 | ... | ... | ...
|
||||
46 | ... | ... | ...
|
||||
|
||||
There are 406 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 403 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -59,9 +59,10 @@ ID | Type | Indicator | Confidence
|
|||
9 | File | `/storage/app/media/evil.svg` | High
|
||||
10 | File | `/uncpath/` | Medium
|
||||
11 | File | `/usr/lpp/mmfs/bin/` | High
|
||||
12 | ... | ... | ...
|
||||
12 | File | `adclick.php` | Medium
|
||||
13 | ... | ... | ...
|
||||
|
||||
There are 97 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 98 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -50,7 +50,7 @@ ID | Type | Indicator | Confidence
|
|||
4 | File | `data/gbconfiguration.dat` | High
|
||||
5 | ... | ... | ...
|
||||
|
||||
There are 31 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 33 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -25,6 +25,21 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1055 | CWE-74 | Injection | High
|
||||
2 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
3 | T1068 | CWE-269 | Execution with Unnecessary Privileges | High
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by AsynRAT. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `admincp/auth/secure.php` | High
|
||||
2 | File | `templates/mangobery/footer.sample.php` | High
|
||||
3 | Argument | `cfgProgDir` | Medium
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 1 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
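Review bot: The TTP row `2 | T1059 | CWE-94 | Cross Site Scripting | High`, which appears to be among the lines this hunk adds, pairs CWE-94 (code injection) with a cross-site-scripting description. The XSS weaknesses are CWE-79/CWE-80, as the `T1059.007` row in an earlier hunk of this commit shows. Anyone triaging by the Description column would misclassify the weakness, so the row should read `2 | T1059 | CWE-94 | Code Injection | High`. The same row appears as context in that earlier TTP hunk, and the table's introduction lies outside this hunk. The closing sentence should also be singular: `There is 1 more IOA item available`.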
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [NL](https://vuldb.com/?country.nl)
|
||||
* ...
|
||||
|
||||
There are 5 more country items available. Please use our online service to access the data.
|
||||
There are 4 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -70,36 +70,40 @@ ID | Type | Indicator | Confidence
|
|||
8 | File | `/adms/admin/?page=user/manage_user` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
10 | File | `/ajax/update_certificate` | High
|
||||
11 | File | `/alphaware/summary.php` | High
|
||||
12 | File | `/apply.cgi` | Medium
|
||||
13 | File | `/boat/login.php` | High
|
||||
14 | File | `/bsms_ci/index.php/book` | High
|
||||
15 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
16 | File | `/debug/pprof` | Medium
|
||||
17 | File | `/ecshop/admin/template.php` | High
|
||||
18 | File | `/eduauth/student/search.php` | High
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/forums.php?action=post` | High
|
||||
21 | File | `/goform/formDefault` | High
|
||||
22 | File | `/goform/formLogin` | High
|
||||
23 | File | `/goform/formSysCmd` | High
|
||||
24 | File | `/goform/fromSetWirelessRepeat` | High
|
||||
25 | File | `/goform/WifiBasicSet` | High
|
||||
26 | File | `/index.php` | Medium
|
||||
27 | File | `/inxedu/demo_inxedu_open/src/main/resources/mybatis/inxedu/website/WebsiteImagesMapper.xml` | High
|
||||
28 | File | `/list.php` | Medium
|
||||
29 | File | `/login/index.php` | High
|
||||
30 | File | `/medicines/profile.php` | High
|
||||
31 | File | `/Moosikay/order.php` | High
|
||||
32 | File | `/philosophy/admin/user/controller.php?action=add` | High
|
||||
33 | File | `/php-opos/signup.php` | High
|
||||
34 | File | `/reservation/add_message.php` | High
|
||||
35 | File | `/SetNetworkSettings/SubnetMask` | High
|
||||
36 | File | `/setNTP.cgi` | Medium
|
||||
37 | File | `/spip.php` | Medium
|
||||
38 | ... | ... | ...
|
||||
11 | File | `/alphaware/details.php` | High
|
||||
12 | File | `/alphaware/summary.php` | High
|
||||
13 | File | `/api/` | Low
|
||||
14 | File | `/api/admin/store/product/list` | High
|
||||
15 | File | `/apply.cgi` | Medium
|
||||
16 | File | `/boat/login.php` | High
|
||||
17 | File | `/bsms_ci/index.php/book` | High
|
||||
18 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
19 | File | `/config/myfield/test.php` | High
|
||||
20 | File | `/debug/pprof` | Medium
|
||||
21 | File | `/ecshop/admin/template.php` | High
|
||||
22 | File | `/eduauth/student/search.php` | High
|
||||
23 | File | `/forum/away.php` | High
|
||||
24 | File | `/fudforum/adm/hlplist.php` | High
|
||||
25 | File | `/geoserver/rest/about/status` | High
|
||||
26 | File | `/goform/formDefault` | High
|
||||
27 | File | `/goform/formLogin` | High
|
||||
28 | File | `/goform/formSysCmd` | High
|
||||
29 | File | `/goform/fromSetWirelessRepeat` | High
|
||||
30 | File | `/goform/WifiBasicSet` | High
|
||||
31 | File | `/index.php` | Medium
|
||||
32 | File | `/list.php` | Medium
|
||||
33 | File | `/login/index.php` | High
|
||||
34 | File | `/medicines/profile.php` | High
|
||||
35 | File | `/Moosikay/order.php` | High
|
||||
36 | File | `/philosophy/admin/user/controller.php?action=add` | High
|
||||
37 | File | `/php-opos/signup.php` | High
|
||||
38 | File | `/reservation/add_message.php` | High
|
||||
39 | File | `/SetNetworkSettings/SubnetMask` | High
|
||||
40 | File | `/setNTP.cgi` | Medium
|
||||
41 | File | `/spip.php` | Medium
|
||||
42 | ... | ... | ...
|
||||
|
||||
There are 327 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 361 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -8,12 +8,12 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with BianLian:
|
||||
|
||||
* [SC](https://vuldb.com/?country.sc)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [DE](https://vuldb.com/?country.de)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 17 more country items available. Please use our online service to access the data.
|
||||
There are 3 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -21,21 +21,45 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
|
|||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [5.2.79.138](https://vuldb.com/?ip.5.2.79.138) | - | - | High
|
||||
2 | [5.188.6.118](https://vuldb.com/?ip.5.188.6.118) | subnet.local | - | High
|
||||
3 | [5.230.67.2](https://vuldb.com/?ip.5.230.67.2) | - | - | High
|
||||
4 | [13.49.57.110](https://vuldb.com/?ip.13.49.57.110) | ec2-13-49-57-110.eu-north-1.compute.amazonaws.com | - | Medium
|
||||
5 | [16.162.137.220](https://vuldb.com/?ip.16.162.137.220) | ec2-16-162-137-220.ap-east-1.compute.amazonaws.com | - | Medium
|
||||
6 | [18.130.242.71](https://vuldb.com/?ip.18.130.242.71) | ec2-18-130-242-71.eu-west-2.compute.amazonaws.com | - | Medium
|
||||
7 | [23.94.56.154](https://vuldb.com/?ip.23.94.56.154) | 23-94-56-154-host.colocrossing.com | - | High
|
||||
8 | [23.227.198.243](https://vuldb.com/?ip.23.227.198.243) | 23-227-198-243.static.hvvc.us | - | High
|
||||
9 | [37.235.54.81](https://vuldb.com/?ip.37.235.54.81) | 81.54.235.37.in-addr.arpa | - | High
|
||||
10 | [43.155.116.250](https://vuldb.com/?ip.43.155.116.250) | - | - | High
|
||||
11 | [45.9.150.132](https://vuldb.com/?ip.45.9.150.132) | - | - | High
|
||||
12 | [45.92.156.105](https://vuldb.com/?ip.45.92.156.105) | - | - | High
|
||||
13 | ... | ... | ... | ...
|
||||
1 | [3.134.86.154](https://vuldb.com/?ip.3.134.86.154) | ec2-3-134-86-154.us-east-2.compute.amazonaws.com | - | Medium
|
||||
2 | [5.2.79.138](https://vuldb.com/?ip.5.2.79.138) | - | - | High
|
||||
3 | [5.188.6.118](https://vuldb.com/?ip.5.188.6.118) | subnet.local | - | High
|
||||
4 | [5.230.67.2](https://vuldb.com/?ip.5.230.67.2) | - | - | High
|
||||
5 | [5.230.70.23](https://vuldb.com/?ip.5.230.70.23) | placeholder.noezserver.de | - | High
|
||||
6 | [5.230.72.245](https://vuldb.com/?ip.5.230.72.245) | - | - | High
|
||||
7 | [5.230.73.37](https://vuldb.com/?ip.5.230.73.37) | placeholder.noezserver.de | - | High
|
||||
8 | [5.230.73.234](https://vuldb.com/?ip.5.230.73.234) | - | - | High
|
||||
9 | [13.49.57.110](https://vuldb.com/?ip.13.49.57.110) | ec2-13-49-57-110.eu-north-1.compute.amazonaws.com | - | Medium
|
||||
10 | [15.188.49.63](https://vuldb.com/?ip.15.188.49.63) | ec2-15-188-49-63.eu-west-3.compute.amazonaws.com | - | Medium
|
||||
11 | [16.162.137.220](https://vuldb.com/?ip.16.162.137.220) | ec2-16-162-137-220.ap-east-1.compute.amazonaws.com | - | Medium
|
||||
12 | [18.130.242.71](https://vuldb.com/?ip.18.130.242.71) | ec2-18-130-242-71.eu-west-2.compute.amazonaws.com | - | Medium
|
||||
13 | [18.159.131.209](https://vuldb.com/?ip.18.159.131.209) | ec2-18-159-131-209.eu-central-1.compute.amazonaws.com | - | Medium
|
||||
14 | [23.94.56.154](https://vuldb.com/?ip.23.94.56.154) | 23-94-56-154-host.colocrossing.com | - | High
|
||||
15 | [23.163.0.168](https://vuldb.com/?ip.23.163.0.168) | tech-000168.techydrov.com | - | High
|
||||
16 | [23.227.198.243](https://vuldb.com/?ip.23.227.198.243) | 23-227-198-243.static.hvvc.us | - | High
|
||||
17 | [23.229.117.247](https://vuldb.com/?ip.23.229.117.247) | - | - | High
|
||||
18 | [35.157.43.44](https://vuldb.com/?ip.35.157.43.44) | ec2-35-157-43-44.eu-central-1.compute.amazonaws.com | - | Medium
|
||||
19 | [35.183.14.149](https://vuldb.com/?ip.35.183.14.149) | ec2-35-183-14-149.ca-central-1.compute.amazonaws.com | - | Medium
|
||||
20 | [37.220.31.17](https://vuldb.com/?ip.37.220.31.17) | aviation.metagroups.info | - | High
|
||||
21 | [37.220.31.104](https://vuldb.com/?ip.37.220.31.104) | 10-4netw0rk.mynet.com.tr | - | High
|
||||
22 | [37.235.54.42](https://vuldb.com/?ip.37.235.54.42) | 42.54.235.37.in-addr.arpa | - | High
|
||||
23 | [37.235.54.52](https://vuldb.com/?ip.37.235.54.52) | 52.54.235.37.in-addr.arpa | - | High
|
||||
24 | [37.235.54.81](https://vuldb.com/?ip.37.235.54.81) | 81.54.235.37.in-addr.arpa | - | High
|
||||
25 | [43.155.116.250](https://vuldb.com/?ip.43.155.116.250) | - | - | High
|
||||
26 | [44.212.9.14](https://vuldb.com/?ip.44.212.9.14) | ec2-44-212-9-14.compute-1.amazonaws.com | - | Medium
|
||||
27 | [45.9.150.132](https://vuldb.com/?ip.45.9.150.132) | - | - | High
|
||||
28 | [45.33.119.19](https://vuldb.com/?ip.45.33.119.19) | li1056-19.members.linode.com | - | High
|
||||
29 | [45.56.165.17](https://vuldb.com/?ip.45.56.165.17) | nordns.crowncloud.net | - | High
|
||||
30 | [45.61.136.152](https://vuldb.com/?ip.45.61.136.152) | - | - | High
|
||||
31 | [45.66.249.118](https://vuldb.com/?ip.45.66.249.118) | 7r277nw66g.shybeaveronline.com | - | High
|
||||
32 | [45.86.163.228](https://vuldb.com/?ip.45.86.163.228) | - | - | High
|
||||
33 | [45.86.230.64](https://vuldb.com/?ip.45.86.230.64) | srv2.lg-c.net | - | High
|
||||
34 | [45.92.156.105](https://vuldb.com/?ip.45.92.156.105) | - | - | High
|
||||
35 | [45.128.156.3](https://vuldb.com/?ip.45.128.156.3) | webfair.store | - | High
|
||||
36 | [45.128.156.10](https://vuldb.com/?ip.45.128.156.10) | frm3-zendable.com | - | High
|
||||
37 | ... | ... | ... | ...
|
||||
|
||||
There are 46 more IOC items available. Please use our online service to access the data.
|
||||
There are 142 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -43,14 +67,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
There are 11 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
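Review bot: Row 3 of the new TTP table (by the hunk's line counts, the second, shorter run of rows) pairs T1059 and CWE-94 with the description `Cross Site Scripting`, which matches neither identifier. CWE-94 is code injection; cross-site scripting is CWE-79/CWE-80, which the old table listed separately under T1059.007. The same label appears on the old side as row 4, so the commit carries the mismatch over rather than introducing it. Suggest `3 | T1059 | CWE-94 | Code Injection | High`, so that analysts mapping this actor to ATT&CK or writing detections do not triage a server-side code-execution weakness as a client-side one. If the table is generated from the upstream feed, the correction belongs in the generator or the source data rather than in this file.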
|
||||
|
@ -58,57 +80,18 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/addQuestion.php` | High
|
||||
3 | File | `/admin/conferences/get-all-status/` | High
|
||||
4 | File | `/admin/conferences/list/` | High
|
||||
5 | File | `/admin/countrymanagement.php` | High
|
||||
6 | File | `/admin/general/change-lang` | High
|
||||
7 | File | `/admin/group/list/` | High
|
||||
8 | File | `/admin/renewaldue.php` | High
|
||||
9 | File | `/admin/usermanagement.php` | High
|
||||
10 | File | `/admin/ztliuyan_sendmail.php` | High
|
||||
11 | File | `/api/RecordingList/DownloadRecord?file=` | High
|
||||
12 | File | `/api/v1/chat.getThreadsList` | High
|
||||
13 | File | `/app1/admin#foo` | High
|
||||
14 | File | `/aya/module/admin/ust_tab_e.inc.php` | High
|
||||
15 | File | `/backups/` | Medium
|
||||
16 | File | `/bl-plugins/backup/plugin.php` | High
|
||||
17 | File | `/category.php` | High
|
||||
18 | File | `/cgi-bin/editBookmark` | High
|
||||
19 | File | `/chart` | Low
|
||||
20 | File | `/classes/Master.php?f=delete_appointment` | High
|
||||
21 | File | `/Core/Ap4Utils.h` | High
|
||||
22 | File | `/ctpms/classes/Master.php?f=delete_application` | High
|
||||
23 | File | `/front/roomtype-details.php` | High
|
||||
24 | File | `/goform/aspForm` | High
|
||||
25 | File | `/hdf5/src/H5T.c` | High
|
||||
26 | File | `/homeaction.php` | High
|
||||
27 | File | `/horde/imp/search.php` | High
|
||||
28 | File | `/index.php` | Medium
|
||||
29 | File | `/installer/upgrade_start` | High
|
||||
30 | File | `/Items/*/RemoteImages/Download` | High
|
||||
31 | File | `/items/view_item.php` | High
|
||||
32 | File | `/lan.asp` | Medium
|
||||
33 | File | `/librarian/bookdetails.php` | High
|
||||
34 | File | `/lists/admin/` | High
|
||||
35 | File | `/login/index.php` | High
|
||||
36 | File | `/mail/index.html` | High
|
||||
37 | File | `/navigate/navigate_download.php` | High
|
||||
38 | File | `/public/plugins/` | High
|
||||
39 | File | `/rapi/read_url` | High
|
||||
40 | File | `/reps/admin/?page=agents/manage_agent` | High
|
||||
41 | File | `/rest/api/1.0/render` | High
|
||||
42 | File | `/rest/api/latest/projectvalidate/key` | High
|
||||
43 | File | `/rest/jpo/1.0/hierarchyConfiguration` | High
|
||||
44 | ... | ... | ...
|
||||
1 | File | `/login/index.php` | High
|
||||
2 | File | `/usr/local/psa/admin/sbin/wrapper` | High
|
||||
3 | File | `/WEB-INF/web.xml` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 377 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 24 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://redacted.com/blog/bianlian-ransomware-gang-continues-to-evolve/
|
||||
* https://rhisac.org/threat-intelligence/bianlian-ransomware-expanding-c2-infrastructure-and-operational-tempo/
|
||||
|
||||
## Literature
|
||||
|
|
|
@ -47,20 +47,20 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/index.php` | Medium
|
||||
2 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
3 | File | `adclick.php` | Medium
|
||||
4 | File | `addtocart.asp` | High
|
||||
5 | File | `admin/adm/test.php` | High
|
||||
6 | File | `agora.cgi` | Medium
|
||||
7 | File | `books.php` | Medium
|
||||
8 | File | `cat.asp` | Low
|
||||
9 | File | `catalog.php` | Medium
|
||||
10 | File | `categories.php` | High
|
||||
11 | File | `default.php` | Medium
|
||||
1 | File | `/forum/away.php` | High
|
||||
2 | File | `/index.php` | Medium
|
||||
3 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
4 | File | `adclick.php` | Medium
|
||||
5 | File | `addtocart.asp` | High
|
||||
6 | File | `admin/adm/test.php` | High
|
||||
7 | File | `agora.cgi` | Medium
|
||||
8 | File | `books.php` | Medium
|
||||
9 | File | `cat.asp` | Low
|
||||
10 | File | `catalog.php` | Medium
|
||||
11 | File | `categories.php` | High
|
||||
12 | ... | ... | ...
|
||||
|
||||
There are 91 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 92 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -16,7 +16,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [BR](https://vuldb.com/?country.br)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
|
@ -1422,23 +1422,26 @@ ID | Type | Indicator | Confidence
|
|||
9 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
10 | File | `/php-opos/index.php` | High
|
||||
11 | File | `/php-scrm/login.php` | High
|
||||
12 | File | `/textpattern/index.php` | High
|
||||
13 | File | `/tmp` | Low
|
||||
14 | File | `account-signup.php` | High
|
||||
15 | File | `account/signup.php` | High
|
||||
16 | File | `addentry.php` | Medium
|
||||
17 | File | `admin-ajax.php` | High
|
||||
18 | File | `admin.php` | Medium
|
||||
19 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
20 | File | `admin/admin_editor.php` | High
|
||||
21 | File | `admin/conf_users_edit.php` | High
|
||||
22 | File | `adminer.php` | Medium
|
||||
23 | File | `articulo.php` | Medium
|
||||
24 | File | `blocks/block-Old_Articles.php` | High
|
||||
25 | File | `bp_ncom.php` | Medium
|
||||
26 | ... | ... | ...
|
||||
12 | File | `/public/launchNewWindow.jsp` | High
|
||||
13 | File | `/textpattern/index.php` | High
|
||||
14 | File | `/tmp` | Low
|
||||
15 | File | `account-signup.php` | High
|
||||
16 | File | `account/signup.php` | High
|
||||
17 | File | `activenews_view.asp` | High
|
||||
18 | File | `addentry.php` | Medium
|
||||
19 | File | `admin-ajax.php` | High
|
||||
20 | File | `admin.php` | Medium
|
||||
21 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
22 | File | `admin/admin_editor.php` | High
|
||||
23 | File | `admin/conf_users_edit.php` | High
|
||||
24 | File | `adminer.php` | Medium
|
||||
25 | File | `articulo.php` | Medium
|
||||
26 | File | `art_detalle.php` | High
|
||||
27 | File | `banner_add_edit.asp` | High
|
||||
28 | File | `blocks/block-Old_Articles.php` | High
|
||||
29 | ... | ... | ...
|
||||
|
||||
There are 215 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 244 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -104,15 +104,15 @@ ID | Type | Indicator | Confidence
|
|||
40 | File | `admin/param/param_func.inc.php` | High
|
||||
41 | File | `admin/y_admin.asp` | High
|
||||
42 | File | `adminer.php` | Medium
|
||||
43 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
44 | File | `admin_ok.asp` | Medium
|
||||
45 | File | `affiliates.php` | High
|
||||
46 | File | `app/Core/Paginator.php` | High
|
||||
47 | File | `artlinks.dispnew.php` | High
|
||||
48 | File | `auth.php` | Medium
|
||||
43 | File | `administration/admins.php` | High
|
||||
44 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
45 | File | `admin_ok.asp` | Medium
|
||||
46 | File | `affiliates.php` | High
|
||||
47 | File | `app/Core/Paginator.php` | High
|
||||
48 | File | `artlinks.dispnew.php` | High
|
||||
49 | ... | ... | ...
|
||||
|
||||
There are 426 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 428 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -63,17 +63,17 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `/acms/admin/cargo_types/manage_cargo_type.php` | High
|
||||
4 | File | `/admin/ajax/avatar.php` | High
|
||||
5 | File | `/admin/index.php` | High
|
||||
6 | File | `/admin/payment.php` | High
|
||||
7 | File | `/admin/show.php` | High
|
||||
8 | File | `/api/file_uploader.php` | High
|
||||
9 | File | `/api/RecordingList/DownloadRecord?file=` | High
|
||||
10 | File | `/default.php?idx=17` | High
|
||||
11 | File | `/dev/shm` | Medium
|
||||
12 | File | `/download` | Medium
|
||||
13 | File | `/forum/away.php` | High
|
||||
14 | File | `/goform` | Low
|
||||
6 | File | `/admin/lab.php` | High
|
||||
7 | File | `/admin/payment.php` | High
|
||||
8 | File | `/admin/show.php` | High
|
||||
9 | File | `/api/file_uploader.php` | High
|
||||
10 | File | `/api/RecordingList/DownloadRecord?file=` | High
|
||||
11 | File | `/default.php?idx=17` | High
|
||||
12 | File | `/dev/shm` | Medium
|
||||
13 | File | `/download` | Medium
|
||||
14 | File | `/forum/away.php` | High
|
||||
15 | File | `/GponForm/device_Form?script/` | High
|
||||
16 | File | `/index.php` | Medium
|
||||
16 | File | `/login/index.php` | High
|
||||
17 | File | `/mgmt/tm/util/bash` | High
|
||||
18 | File | `/net` | Low
|
||||
19 | File | `/opt/bin/cli` | Medium
|
||||
|
|
|
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [JP](https://vuldb.com/?country.jp)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [DK](https://vuldb.com/?country.dk)
|
||||
* ...
|
||||
|
||||
There are 22 more country items available. Please use our online service to access the data.
|
||||
There are 19 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -21,248 +21,337 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
|
|||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [2.20.45.4](https://vuldb.com/?ip.2.20.45.4) | a2-20-45-4.deploy.static.akamaitechnologies.com | - | High
|
||||
2 | [2.20.45.12](https://vuldb.com/?ip.2.20.45.12) | a2-20-45-12.deploy.static.akamaitechnologies.com | - | High
|
||||
3 | [2.20.45.92](https://vuldb.com/?ip.2.20.45.92) | a2-20-45-92.deploy.static.akamaitechnologies.com | - | High
|
||||
4 | [2.20.45.96](https://vuldb.com/?ip.2.20.45.96) | a2-20-45-96.deploy.static.akamaitechnologies.com | - | High
|
||||
5 | [2.56.12.0](https://vuldb.com/?ip.2.56.12.0) | - | - | High
|
||||
6 | [2.56.52.0](https://vuldb.com/?ip.2.56.52.0) | - | - | High
|
||||
7 | [5.32.128.0](https://vuldb.com/?ip.5.32.128.0) | - | - | High
|
||||
8 | [5.53.128.0](https://vuldb.com/?ip.5.53.128.0) | - | - | High
|
||||
9 | [5.61.96.0](https://vuldb.com/?ip.5.61.96.0) | - | - | High
|
||||
10 | [5.62.60.52](https://vuldb.com/?ip.5.62.60.52) | r-52-60-62-5.consumer-pool.prcdn.net | - | High
|
||||
11 | [5.62.62.52](https://vuldb.com/?ip.5.62.62.52) | r-52-62-62-5.consumer-pool.prcdn.net | - | High
|
||||
12 | [5.101.217.128](https://vuldb.com/?ip.5.101.217.128) | - | - | High
|
||||
13 | [5.104.160.0](https://vuldb.com/?ip.5.104.160.0) | 5.104.161.0.telecom-bg.com | - | High
|
||||
14 | [5.132.135.0](https://vuldb.com/?ip.5.132.135.0) | - | - | High
|
||||
15 | [5.133.92.0](https://vuldb.com/?ip.5.133.92.0) | - | - | High
|
||||
16 | [5.181.28.0](https://vuldb.com/?ip.5.181.28.0) | - | - | High
|
||||
17 | [5.181.80.0](https://vuldb.com/?ip.5.181.80.0) | - | - | High
|
||||
18 | [5.182.20.0](https://vuldb.com/?ip.5.182.20.0) | - | - | High
|
||||
19 | [5.183.228.0](https://vuldb.com/?ip.5.183.228.0) | - | - | High
|
||||
20 | [5.183.231.0](https://vuldb.com/?ip.5.183.231.0) | - | - | High
|
||||
21 | [8.40.26.0](https://vuldb.com/?ip.8.40.26.0) | - | - | High
|
||||
22 | [23.229.0.176](https://vuldb.com/?ip.23.229.0.176) | - | - | High
|
||||
23 | [31.6.61.0](https://vuldb.com/?ip.31.6.61.0) | - | - | High
|
||||
24 | [31.13.192.0](https://vuldb.com/?ip.31.13.192.0) | - | - | High
|
||||
25 | [31.14.180.0](https://vuldb.com/?ip.31.14.180.0) | - | - | High
|
||||
26 | [31.14.182.0](https://vuldb.com/?ip.31.14.182.0) | - | - | High
|
||||
27 | [31.41.16.0](https://vuldb.com/?ip.31.41.16.0) | - | - | High
|
||||
28 | [31.169.124.0](https://vuldb.com/?ip.31.169.124.0) | leo0.ecorenewbs.com | - | High
|
||||
29 | [31.186.104.0](https://vuldb.com/?ip.31.186.104.0) | subnet1.mtel.gr | - | High
|
||||
30 | [31.211.128.0](https://vuldb.com/?ip.31.211.128.0) | - | - | High
|
||||
31 | [34.99.140.0](https://vuldb.com/?ip.34.99.140.0) | 0.140.99.34.bc.googleusercontent.com | - | Medium
|
||||
32 | [34.99.212.0](https://vuldb.com/?ip.34.99.212.0) | 0.212.99.34.bc.googleusercontent.com | - | Medium
|
||||
33 | [34.103.156.0](https://vuldb.com/?ip.34.103.156.0) | 0.156.103.34.bc.googleusercontent.com | - | Medium
|
||||
34 | [37.46.114.0](https://vuldb.com/?ip.37.46.114.0) | bg.as51430.net | - | High
|
||||
35 | [37.60.136.0](https://vuldb.com/?ip.37.60.136.0) | - | - | High
|
||||
36 | [37.60.224.0](https://vuldb.com/?ip.37.60.224.0) | ip-37-60-224-0.siteground.com | - | High
|
||||
37 | [37.63.0.0](https://vuldb.com/?ip.37.63.0.0) | - | - | High
|
||||
38 | [37.77.80.0](https://vuldb.com/?ip.37.77.80.0) | - | - | High
|
||||
39 | [37.120.152.0](https://vuldb.com/?ip.37.120.152.0) | kyi0.sourrefer.us | - | High
|
||||
40 | [37.130.240.0](https://vuldb.com/?ip.37.130.240.0) | net240-ip0.linkbg.com | - | High
|
||||
41 | [37.139.128.0](https://vuldb.com/?ip.37.139.128.0) | - | - | High
|
||||
42 | [37.143.192.0](https://vuldb.com/?ip.37.143.192.0) | - | - | High
|
||||
43 | [37.156.69.0](https://vuldb.com/?ip.37.156.69.0) | 259c4500.static.cust.trined.nl | - | High
|
||||
44 | [37.156.70.0](https://vuldb.com/?ip.37.156.70.0) | 259c4600.static.cust.trined.nl | - | High
|
||||
45 | [37.157.136.0](https://vuldb.com/?ip.37.157.136.0) | - | - | High
|
||||
46 | [37.157.160.0](https://vuldb.com/?ip.37.157.160.0) | begin.force-it.net.160.157.37.in-addr.arpa | - | High
|
||||
47 | [37.209.168.0](https://vuldb.com/?ip.37.209.168.0) | - | - | High
|
||||
48 | [37.252.247.0](https://vuldb.com/?ip.37.252.247.0) | - | - | High
|
||||
49 | [40.127.179.92](https://vuldb.com/?ip.40.127.179.92) | - | - | High
|
||||
50 | [43.113.224.128](https://vuldb.com/?ip.43.113.224.128) | - | - | High
|
||||
51 | [45.10.188.0](https://vuldb.com/?ip.45.10.188.0) | - | - | High
|
||||
52 | [45.12.70.22](https://vuldb.com/?ip.45.12.70.22) | weightiest.get-eye.com | - | High
|
||||
53 | [45.12.71.22](https://vuldb.com/?ip.45.12.71.22) | - | - | High
|
||||
54 | [45.15.180.0](https://vuldb.com/?ip.45.15.180.0) | - | - | High
|
||||
55 | [45.65.68.0](https://vuldb.com/?ip.45.65.68.0) | - | - | High
|
||||
56 | [45.66.44.0](https://vuldb.com/?ip.45.66.44.0) | - | - | High
|
||||
57 | [45.67.12.0](https://vuldb.com/?ip.45.67.12.0) | - | - | High
|
||||
58 | [45.67.88.0](https://vuldb.com/?ip.45.67.88.0) | - | - | High
|
||||
59 | [45.67.208.0](https://vuldb.com/?ip.45.67.208.0) | subnet.gcore.lu | - | High
|
||||
60 | [45.80.216.0](https://vuldb.com/?ip.45.80.216.0) | - | - | High
|
||||
61 | [45.81.176.0](https://vuldb.com/?ip.45.81.176.0) | - | - | High
|
||||
62 | [45.83.216.0](https://vuldb.com/?ip.45.83.216.0) | - | - | High
|
||||
63 | [45.84.80.0](https://vuldb.com/?ip.45.84.80.0) | - | - | High
|
||||
64 | [45.84.172.0](https://vuldb.com/?ip.45.84.172.0) | - | - | High
|
||||
65 | [45.84.184.0](https://vuldb.com/?ip.45.84.184.0) | - | - | High
|
||||
66 | [45.84.192.0](https://vuldb.com/?ip.45.84.192.0) | 0.192.84.45.static.webnick.net | - | High
|
||||
67 | [45.84.194.0](https://vuldb.com/?ip.45.84.194.0) | - | - | High
|
||||
68 | [45.88.64.0](https://vuldb.com/?ip.45.88.64.0) | - | - | High
|
||||
69 | [45.88.216.0](https://vuldb.com/?ip.45.88.216.0) | - | - | High
|
||||
70 | [45.90.56.0](https://vuldb.com/?ip.45.90.56.0) | subnet.ipv4.layer6.net | - | High
|
||||
71 | [45.92.16.0](https://vuldb.com/?ip.45.92.16.0) | - | - | High
|
||||
72 | [45.128.4.0](https://vuldb.com/?ip.45.128.4.0) | clients.evn.bg | - | High
|
||||
73 | [45.128.88.0](https://vuldb.com/?ip.45.128.88.0) | - | - | High
|
||||
74 | [45.133.43.0](https://vuldb.com/?ip.45.133.43.0) | - | - | High
|
||||
75 | [45.133.92.0](https://vuldb.com/?ip.45.133.92.0) | - | - | High
|
||||
76 | [45.133.100.0](https://vuldb.com/?ip.45.133.100.0) | - | - | High
|
||||
77 | [45.137.220.0](https://vuldb.com/?ip.45.137.220.0) | - | - | High
|
||||
78 | [45.139.2.0](https://vuldb.com/?ip.45.139.2.0) | - | - | High
|
||||
79 | [45.140.0.0](https://vuldb.com/?ip.45.140.0.0) | customer.upheads.0.0.140.45 | - | High
|
||||
80 | [45.141.232.0](https://vuldb.com/?ip.45.141.232.0) | - | - | High
|
||||
81 | [45.142.12.0](https://vuldb.com/?ip.45.142.12.0) | - | - | High
|
||||
82 | [45.142.128.0](https://vuldb.com/?ip.45.142.128.0) | - | - | High
|
||||
83 | [45.143.36.0](https://vuldb.com/?ip.45.143.36.0) | 45-143-36-0.ip.welcomeitalia.it | - | High
|
||||
84 | [45.143.68.0](https://vuldb.com/?ip.45.143.68.0) | - | - | High
|
||||
85 | [45.146.140.0](https://vuldb.com/?ip.45.146.140.0) | - | - | High
|
||||
86 | [45.147.148.0](https://vuldb.com/?ip.45.147.148.0) | - | - | High
|
||||
87 | [45.149.12.0](https://vuldb.com/?ip.45.149.12.0) | - | - | High
|
||||
88 | [45.153.108.0](https://vuldb.com/?ip.45.153.108.0) | - | - | High
|
||||
89 | [45.154.76.0](https://vuldb.com/?ip.45.154.76.0) | - | - | High
|
||||
90 | [45.154.176.0](https://vuldb.com/?ip.45.154.176.0) | loamomro.ip76.abilixsoft.eu | - | High
|
||||
91 | [45.158.28.0](https://vuldb.com/?ip.45.158.28.0) | - | - | High
|
||||
92 | [45.158.160.0](https://vuldb.com/?ip.45.158.160.0) | - | - | High
|
||||
93 | [46.10.0.0](https://vuldb.com/?ip.46.10.0.0) | 46-10-0-0.ip.btc-net.bg | - | High
|
||||
94 | [46.16.192.0](https://vuldb.com/?ip.46.16.192.0) | - | - | High
|
||||
95 | [46.35.160.0](https://vuldb.com/?ip.46.35.160.0) | - | - | High
|
||||
96 | [46.40.64.0](https://vuldb.com/?ip.46.40.64.0) | - | - | High
|
||||
97 | [46.47.64.0](https://vuldb.com/?ip.46.47.64.0) | - | - | High
|
||||
98 | [46.55.128.0](https://vuldb.com/?ip.46.55.128.0) | - | - | High
|
||||
99 | [46.229.192.0](https://vuldb.com/?ip.46.229.192.0) | - | - | High
|
||||
100 | [46.232.152.0](https://vuldb.com/?ip.46.232.152.0) | 0.152.232.46.blizoo.bg | - | High
|
||||
101 | [46.233.0.0](https://vuldb.com/?ip.46.233.0.0) | - | - | High
|
||||
102 | [46.237.64.0](https://vuldb.com/?ip.46.237.64.0) | - | - | High
|
||||
103 | [46.238.0.0](https://vuldb.com/?ip.46.238.0.0) | - | - | High
|
||||
104 | [46.243.142.0](https://vuldb.com/?ip.46.243.142.0) | - | - | High
|
||||
105 | [46.249.64.0](https://vuldb.com/?ip.46.249.64.0) | - | - | High
|
||||
106 | [46.252.48.0](https://vuldb.com/?ip.46.252.48.0) | - | - | High
|
||||
107 | [46.253.0.0](https://vuldb.com/?ip.46.253.0.0) | - | - | High
|
||||
108 | [46.254.128.0](https://vuldb.com/?ip.46.254.128.0) | - | - | High
|
||||
109 | [50.225.61.85](https://vuldb.com/?ip.50.225.61.85) | - | - | High
|
||||
110 | [57.90.48.0](https://vuldb.com/?ip.57.90.48.0) | - | - | High
|
||||
111 | [62.44.96.0](https://vuldb.com/?ip.62.44.96.0) | - | - | High
|
||||
112 | [62.73.64.0](https://vuldb.com/?ip.62.73.64.0) | - | - | High
|
||||
113 | [62.176.64.0](https://vuldb.com/?ip.62.176.64.0) | 62-176-64-0.btc-net.bg | - | High
|
||||
114 | [62.182.112.0](https://vuldb.com/?ip.62.182.112.0) | - | - | High
|
||||
115 | [62.192.132.0](https://vuldb.com/?ip.62.192.132.0) | - | - | High
|
||||
116 | [62.204.128.0](https://vuldb.com/?ip.62.204.128.0) | - | - | High
|
||||
117 | [62.221.128.0](https://vuldb.com/?ip.62.221.128.0) | unknown.crc.bg | - | High
|
||||
118 | [63.172.48.27](https://vuldb.com/?ip.63.172.48.27) | - | - | High
|
||||
119 | [74.80.77.0](https://vuldb.com/?ip.74.80.77.0) | - | - | High
|
||||
120 | [77.70.0.0](https://vuldb.com/?ip.77.70.0.0) | - | - | High
|
||||
121 | [77.71.0.0](https://vuldb.com/?ip.77.71.0.0) | n1.bgwan.com | - | High
|
||||
122 | [77.72.85.0](https://vuldb.com/?ip.77.72.85.0) | - | - | High
|
||||
123 | [77.76.0.0](https://vuldb.com/?ip.77.76.0.0) | - | - | High
|
||||
124 | [77.76.128.0](https://vuldb.com/?ip.77.76.128.0) | - | - | High
|
||||
125 | [77.77.0.0](https://vuldb.com/?ip.77.77.0.0) | - | - | High
|
||||
126 | [77.77.128.0](https://vuldb.com/?ip.77.77.128.0) | - | - | High
|
||||
127 | [77.77.160.0](https://vuldb.com/?ip.77.77.160.0) | - | - | High
|
||||
128 | [77.77.168.0](https://vuldb.com/?ip.77.77.168.0) | - | - | High
|
||||
129 | [77.77.168.64](https://vuldb.com/?ip.77.77.168.64) | - | - | High
|
||||
130 | [77.77.168.88](https://vuldb.com/?ip.77.77.168.88) | - | - | High
|
||||
131 | [77.77.168.96](https://vuldb.com/?ip.77.77.168.96) | - | - | High
|
||||
132 | [77.77.168.128](https://vuldb.com/?ip.77.77.168.128) | - | - | High
|
||||
133 | [77.77.169.0](https://vuldb.com/?ip.77.77.169.0) | - | - | High
|
||||
134 | [77.77.170.0](https://vuldb.com/?ip.77.77.170.0) | - | - | High
|
||||
135 | [77.77.172.0](https://vuldb.com/?ip.77.77.172.0) | - | - | High
|
||||
136 | [77.77.176.0](https://vuldb.com/?ip.77.77.176.0) | - | - | High
|
||||
137 | [77.77.178.0](https://vuldb.com/?ip.77.77.178.0) | - | - | High
|
||||
138 | [77.77.179.0](https://vuldb.com/?ip.77.77.179.0) | - | - | High
|
||||
139 | [77.77.179.128](https://vuldb.com/?ip.77.77.179.128) | - | - | High
|
||||
140 | [77.77.179.192](https://vuldb.com/?ip.77.77.179.192) | - | - | High
|
||||
141 | [77.77.179.208](https://vuldb.com/?ip.77.77.179.208) | - | - | High
|
||||
142 | [77.77.179.224](https://vuldb.com/?ip.77.77.179.224) | - | - | High
|
||||
143 | [77.77.179.240](https://vuldb.com/?ip.77.77.179.240) | - | - | High
|
||||
144 | [77.77.180.0](https://vuldb.com/?ip.77.77.180.0) | - | - | High
|
||||
145 | [77.77.184.0](https://vuldb.com/?ip.77.77.184.0) | - | - | High
|
||||
146 | [77.78.0.0](https://vuldb.com/?ip.77.78.0.0) | - | - | High
|
||||
147 | [77.78.128.0](https://vuldb.com/?ip.77.78.128.0) | - | - | High
|
||||
148 | [77.83.112.0](https://vuldb.com/?ip.77.83.112.0) | - | - | High
|
||||
149 | [77.85.0.0](https://vuldb.com/?ip.77.85.0.0) | - | - | High
|
||||
150 | [77.95.232.0](https://vuldb.com/?ip.77.95.232.0) | - | - | High
|
||||
151 | [77.104.128.0](https://vuldb.com/?ip.77.104.128.0) | ip-77-104-128-0.siteground.com | - | High
|
||||
152 | [77.220.196.0](https://vuldb.com/?ip.77.220.196.0) | - | - | High
|
||||
153 | [77.236.160.0](https://vuldb.com/?ip.77.236.160.0) | - | - | High
|
||||
154 | [77.238.64.0](https://vuldb.com/?ip.77.238.64.0) | - | - | High
|
||||
155 | [77.244.192.0](https://vuldb.com/?ip.77.244.192.0) | net192-ip0.linkbg.com | - | High
|
||||
156 | [77.246.208.0](https://vuldb.com/?ip.77.246.208.0) | - | - | High
|
||||
157 | [78.40.136.0](https://vuldb.com/?ip.78.40.136.0) | - | - | High
|
||||
158 | [78.83.0.0](https://vuldb.com/?ip.78.83.0.0) | - | - | High
|
||||
159 | [78.90.0.0](https://vuldb.com/?ip.78.90.0.0) | - | - | High
|
||||
160 | [78.108.240.0](https://vuldb.com/?ip.78.108.240.0) | - | - | High
|
||||
161 | [78.128.0.0](https://vuldb.com/?ip.78.128.0.0) | - | - | High
|
||||
162 | [78.128.64.0](https://vuldb.com/?ip.78.128.64.0) | - | - | High
|
||||
163 | [78.128.96.0](https://vuldb.com/?ip.78.128.96.0) | - | - | High
|
||||
164 | [78.128.112.0](https://vuldb.com/?ip.78.128.112.0) | - | - | High
|
||||
165 | [78.128.120.0](https://vuldb.com/?ip.78.128.120.0) | - | - | High
|
||||
166 | [78.128.124.0](https://vuldb.com/?ip.78.128.124.0) | - | - | High
|
||||
167 | [78.128.126.0](https://vuldb.com/?ip.78.128.126.0) | - | - | High
|
||||
168 | [78.130.128.0](https://vuldb.com/?ip.78.130.128.0) | - | - | High
|
||||
169 | [78.142.0.0](https://vuldb.com/?ip.78.142.0.0) | - | - | High
|
||||
170 | [78.154.0.0](https://vuldb.com/?ip.78.154.0.0) | - | - | High
|
||||
171 | [78.159.128.0](https://vuldb.com/?ip.78.159.128.0) | - | - | High
|
||||
172 | [78.159.136.0](https://vuldb.com/?ip.78.159.136.0) | - | - | High
|
||||
173 | [78.159.149.0](https://vuldb.com/?ip.78.159.149.0) | - | - | High
|
||||
174 | [78.159.150.0](https://vuldb.com/?ip.78.159.150.0) | - | - | High
|
||||
175 | [78.159.152.0](https://vuldb.com/?ip.78.159.152.0) | - | - | High
|
||||
176 | [79.98.104.0](https://vuldb.com/?ip.79.98.104.0) | - | - | High
|
||||
177 | [79.100.0.0](https://vuldb.com/?ip.79.100.0.0) | - | - | High
|
||||
178 | [79.110.112.0](https://vuldb.com/?ip.79.110.112.0) | - | - | High
|
||||
179 | [79.124.0.0](https://vuldb.com/?ip.79.124.0.0) | - | - | High
|
||||
180 | [79.124.64.0](https://vuldb.com/?ip.79.124.64.0) | - | - | High
|
||||
181 | [79.124.72.0](https://vuldb.com/?ip.79.124.72.0) | - | - | High
|
||||
182 | [79.124.76.0](https://vuldb.com/?ip.79.124.76.0) | - | - | High
|
||||
183 | [79.124.78.0](https://vuldb.com/?ip.79.124.78.0) | - | - | High
|
||||
184 | [79.124.80.0](https://vuldb.com/?ip.79.124.80.0) | - | - | High
|
||||
185 | [79.132.0.0](https://vuldb.com/?ip.79.132.0.0) | - | - | High
|
||||
186 | [79.134.48.0](https://vuldb.com/?ip.79.134.48.0) | - | - | High
|
||||
187 | [79.134.160.0](https://vuldb.com/?ip.79.134.160.0) | - | - | High
|
||||
188 | [79.142.70.0](https://vuldb.com/?ip.79.142.70.0) | bg.as51430.net | - | High
|
||||
189 | [80.72.64.0](https://vuldb.com/?ip.80.72.64.0) | - | - | High
|
||||
190 | [80.76.48.0](https://vuldb.com/?ip.80.76.48.0) | hosted-by.technox.com.tr | - | High
|
||||
191 | [80.78.224.0](https://vuldb.com/?ip.80.78.224.0) | - | - | High
|
||||
192 | [80.80.128.0](https://vuldb.com/?ip.80.80.128.0) | - | - | High
|
||||
193 | [80.84.137.0](https://vuldb.com/?ip.80.84.137.0) | - | - | High
|
||||
194 | [80.95.16.0](https://vuldb.com/?ip.80.95.16.0) | - | - | High
|
||||
195 | [80.248.224.146](https://vuldb.com/?ip.80.248.224.146) | - | - | High
|
||||
196 | [80.253.48.0](https://vuldb.com/?ip.80.253.48.0) | - | - | High
|
||||
197 | [81.2.149.124](https://vuldb.com/?ip.81.2.149.124) | - | - | High
|
||||
198 | [81.161.240.0](https://vuldb.com/?ip.81.161.240.0) | - | - | High
|
||||
199 | [82.101.64.0](https://vuldb.com/?ip.82.101.64.0) | - | - | High
|
||||
200 | [82.102.23.0](https://vuldb.com/?ip.82.102.23.0) | nche0.pelibi.com | - | High
|
||||
201 | [82.103.64.0](https://vuldb.com/?ip.82.103.64.0) | - | - | High
|
||||
202 | [82.118.224.0](https://vuldb.com/?ip.82.118.224.0) | - | - | High
|
||||
203 | [82.118.228.0](https://vuldb.com/?ip.82.118.228.0) | - | - | High
|
||||
204 | [82.118.231.0](https://vuldb.com/?ip.82.118.231.0) | 82.118.231.0.telecom-bg.com | - | High
|
||||
205 | [82.118.232.0](https://vuldb.com/?ip.82.118.232.0) | 82.118.232.0.telecom-bg.com | - | High
|
||||
206 | [82.118.236.0](https://vuldb.com/?ip.82.118.236.0) | - | - | High
|
||||
207 | [82.118.240.0](https://vuldb.com/?ip.82.118.240.0) | siteground-office.net | - | High
|
||||
208 | [82.119.64.0](https://vuldb.com/?ip.82.119.64.0) | 82.119.64.0.telecom-bg.com | - | High
|
||||
209 | [82.137.64.0](https://vuldb.com/?ip.82.137.64.0) | - | - | High
|
||||
210 | [82.146.0.0](https://vuldb.com/?ip.82.146.0.0) | - | - | High
|
||||
211 | [82.147.128.0](https://vuldb.com/?ip.82.147.128.0) | - | - | High
|
||||
212 | [82.195.187.17](https://vuldb.com/?ip.82.195.187.17) | - | - | High
|
||||
213 | [83.97.24.0](https://vuldb.com/?ip.83.97.24.0) | - | - | High
|
||||
214 | [83.97.64.0](https://vuldb.com/?ip.83.97.64.0) | - | - | High
|
||||
215 | [83.142.16.0](https://vuldb.com/?ip.83.142.16.0) | - | - | High
|
||||
216 | [83.142.48.0](https://vuldb.com/?ip.83.142.48.0) | 83-142-48-0.dynamic-pool.mclaut.net | - | High
|
||||
217 | [83.143.144.0](https://vuldb.com/?ip.83.143.144.0) | - | - | High
|
||||
218 | [83.143.176.0](https://vuldb.com/?ip.83.143.176.0) | - | - | High
|
||||
219 | [83.143.248.0](https://vuldb.com/?ip.83.143.248.0) | - | - | High
|
||||
220 | [83.148.64.0](https://vuldb.com/?ip.83.148.64.0) | - | - | High
|
||||
221 | [83.150.216.0](https://vuldb.com/?ip.83.150.216.0) | - | - | High
|
||||
222 | [83.222.160.0](https://vuldb.com/?ip.83.222.160.0) | - | - | High
|
||||
223 | [83.222.166.0](https://vuldb.com/?ip.83.222.166.0) | - | - | High
|
||||
224 | [83.222.168.0](https://vuldb.com/?ip.83.222.168.0) | - | - | High
|
||||
225 | [83.222.176.0](https://vuldb.com/?ip.83.222.176.0) | - | - | High
|
||||
226 | [83.228.0.0](https://vuldb.com/?ip.83.228.0.0) | - | - | High
|
||||
227 | [84.1.42.0](https://vuldb.com/?ip.84.1.42.0) | ktv54012A00.fixip.t-online.hu | - | High
|
||||
228 | [84.1.43.0](https://vuldb.com/?ip.84.1.43.0) | ktv54012B00.fixip.t-online.hu | - | High
|
||||
229 | [84.1.43.64](https://vuldb.com/?ip.84.1.43.64) | ktv54012B40.fixip.t-online.hu | - | High
|
||||
230 | [84.1.43.67](https://vuldb.com/?ip.84.1.43.67) | ktv54012B43.fixip.t-online.hu | - | High
|
||||
231 | [84.1.43.68](https://vuldb.com/?ip.84.1.43.68) | ktv54012B44.fixip.t-online.hu | - | High
|
||||
232 | [84.1.43.72](https://vuldb.com/?ip.84.1.43.72) | ktv54012B48.fixip.t-online.hu | - | High
|
||||
233 | [84.1.43.80](https://vuldb.com/?ip.84.1.43.80) | ktv54012B50.fixip.t-online.hu | - | High
|
||||
234 | [84.1.43.96](https://vuldb.com/?ip.84.1.43.96) | ktv54012B60.fixip.t-online.hu | - | High
|
||||
235 | [84.1.43.128](https://vuldb.com/?ip.84.1.43.128) | ktv54012B80.fixip.t-online.hu | - | High
|
||||
236 | [84.1.44.0](https://vuldb.com/?ip.84.1.44.0) | net44-ip0.suvorovo.org | - | High
|
||||
237 | [84.1.154.0](https://vuldb.com/?ip.84.1.154.0) | - | - | High
|
||||
238 | [84.1.240.0](https://vuldb.com/?ip.84.1.240.0) | - | - | High
|
||||
239 | [84.2.74.0](https://vuldb.com/?ip.84.2.74.0) | - | - | High
|
||||
240 | ... | ... | ... | ...
|
||||
1 | [2.20.45.0](https://vuldb.com/?ip.2.20.45.0) | a2-20-45-0.deploy.static.akamaitechnologies.com | - | High
|
||||
2 | [2.20.45.4](https://vuldb.com/?ip.2.20.45.4) | a2-20-45-4.deploy.static.akamaitechnologies.com | - | High
|
||||
3 | [2.20.45.12](https://vuldb.com/?ip.2.20.45.12) | a2-20-45-12.deploy.static.akamaitechnologies.com | - | High
|
||||
4 | [2.20.45.92](https://vuldb.com/?ip.2.20.45.92) | a2-20-45-92.deploy.static.akamaitechnologies.com | - | High
|
||||
5 | [2.20.45.96](https://vuldb.com/?ip.2.20.45.96) | a2-20-45-96.deploy.static.akamaitechnologies.com | - | High
|
||||
6 | [2.21.68.0](https://vuldb.com/?ip.2.21.68.0) | a2-21-68-0.deploy.static.akamaitechnologies.com | - | High
|
||||
7 | [2.56.12.0](https://vuldb.com/?ip.2.56.12.0) | - | - | High
|
||||
8 | [2.56.52.0](https://vuldb.com/?ip.2.56.52.0) | - | - | High
|
||||
9 | [2.58.92.0](https://vuldb.com/?ip.2.58.92.0) | - | - | High
|
||||
10 | [5.32.128.0](https://vuldb.com/?ip.5.32.128.0) | - | - | High
|
||||
11 | [5.53.128.0](https://vuldb.com/?ip.5.53.128.0) | - | - | High
|
||||
12 | [5.61.96.0](https://vuldb.com/?ip.5.61.96.0) | - | - | High
|
||||
13 | [5.62.60.52](https://vuldb.com/?ip.5.62.60.52) | r-52-60-62-5.consumer-pool.prcdn.net | - | High
|
||||
14 | [5.62.62.52](https://vuldb.com/?ip.5.62.62.52) | r-52-62-62-5.consumer-pool.prcdn.net | - | High
|
||||
15 | [5.101.217.128](https://vuldb.com/?ip.5.101.217.128) | - | - | High
|
||||
16 | [5.101.219.0](https://vuldb.com/?ip.5.101.219.0) | - | - | High
|
||||
17 | [5.104.160.0](https://vuldb.com/?ip.5.104.160.0) | 5.104.161.0.telecom-bg.com | - | High
|
||||
18 | [5.132.135.0](https://vuldb.com/?ip.5.132.135.0) | - | - | High
|
||||
19 | [5.133.92.0](https://vuldb.com/?ip.5.133.92.0) | - | - | High
|
||||
20 | [5.181.19.0](https://vuldb.com/?ip.5.181.19.0) | - | - | High
|
||||
21 | [5.181.28.0](https://vuldb.com/?ip.5.181.28.0) | - | - | High
|
||||
22 | [5.181.55.0](https://vuldb.com/?ip.5.181.55.0) | - | - | High
|
||||
23 | [5.181.80.0](https://vuldb.com/?ip.5.181.80.0) | - | - | High
|
||||
24 | [5.182.20.0](https://vuldb.com/?ip.5.182.20.0) | - | - | High
|
||||
25 | [5.183.228.0](https://vuldb.com/?ip.5.183.228.0) | - | - | High
|
||||
26 | [5.183.231.0](https://vuldb.com/?ip.5.183.231.0) | - | - | High
|
||||
27 | [5.188.206.0](https://vuldb.com/?ip.5.188.206.0) | - | - | High
|
||||
28 | [8.40.26.0](https://vuldb.com/?ip.8.40.26.0) | - | - | High
|
||||
29 | [23.223.112.0](https://vuldb.com/?ip.23.223.112.0) | a23-223-112-0.deploy.static.akamaitechnologies.com | - | High
|
||||
30 | [23.223.128.0](https://vuldb.com/?ip.23.223.128.0) | a23-223-128-0.deploy.static.akamaitechnologies.com | - | High
|
||||
31 | [23.229.0.176](https://vuldb.com/?ip.23.229.0.176) | - | - | High
|
||||
32 | [31.6.61.0](https://vuldb.com/?ip.31.6.61.0) | - | - | High
|
||||
33 | [31.7.174.0](https://vuldb.com/?ip.31.7.174.0) | - | - | High
|
||||
34 | [31.13.192.0](https://vuldb.com/?ip.31.13.192.0) | - | - | High
|
||||
35 | [31.13.208.0](https://vuldb.com/?ip.31.13.208.0) | - | - | High
|
||||
36 | [31.13.211.0](https://vuldb.com/?ip.31.13.211.0) | - | - | High
|
||||
37 | [31.13.212.0](https://vuldb.com/?ip.31.13.212.0) | - | - | High
|
||||
38 | [31.13.215.0](https://vuldb.com/?ip.31.13.215.0) | - | - | High
|
||||
39 | [31.13.216.0](https://vuldb.com/?ip.31.13.216.0) | - | - | High
|
||||
40 | [31.13.224.0](https://vuldb.com/?ip.31.13.224.0) | - | - | High
|
||||
41 | [31.14.180.0](https://vuldb.com/?ip.31.14.180.0) | - | - | High
|
||||
42 | [31.14.182.0](https://vuldb.com/?ip.31.14.182.0) | - | - | High
|
||||
43 | [31.41.16.0](https://vuldb.com/?ip.31.41.16.0) | - | - | High
|
||||
44 | [31.169.124.0](https://vuldb.com/?ip.31.169.124.0) | leo0.ecorenewbs.com | - | High
|
||||
45 | [31.186.104.0](https://vuldb.com/?ip.31.186.104.0) | subnet1.mtel.gr | - | High
|
||||
46 | [31.210.9.0](https://vuldb.com/?ip.31.210.9.0) | - | - | High
|
||||
47 | [31.210.12.0](https://vuldb.com/?ip.31.210.12.0) | - | - | High
|
||||
48 | [31.211.128.0](https://vuldb.com/?ip.31.211.128.0) | - | - | High
|
||||
49 | [32.106.113.0](https://vuldb.com/?ip.32.106.113.0) | - | - | High
|
||||
50 | [34.99.140.0](https://vuldb.com/?ip.34.99.140.0) | 0.140.99.34.bc.googleusercontent.com | - | Medium
|
||||
51 | [34.99.212.0](https://vuldb.com/?ip.34.99.212.0) | 0.212.99.34.bc.googleusercontent.com | - | Medium
|
||||
52 | [34.103.156.0](https://vuldb.com/?ip.34.103.156.0) | 0.156.103.34.bc.googleusercontent.com | - | Medium
|
||||
53 | [34.103.223.0](https://vuldb.com/?ip.34.103.223.0) | 0.223.103.34.bc.googleusercontent.com | - | Medium
|
||||
54 | [37.19.203.0](https://vuldb.com/?ip.37.19.203.0) | unn-37-19-203-0.datapacket.com | - | High
|
||||
55 | [37.46.114.0](https://vuldb.com/?ip.37.46.114.0) | bg.as51430.net | - | High
|
||||
56 | [37.60.136.0](https://vuldb.com/?ip.37.60.136.0) | - | - | High
|
||||
57 | [37.60.140.0](https://vuldb.com/?ip.37.60.140.0) | 37-60-140-0.zee.bg | - | High
|
||||
58 | [37.60.143.0](https://vuldb.com/?ip.37.60.143.0) | - | - | High
|
||||
59 | [37.60.224.0](https://vuldb.com/?ip.37.60.224.0) | ip-37-60-224-0.siteground.com | - | High
|
||||
60 | [37.63.0.0](https://vuldb.com/?ip.37.63.0.0) | - | - | High
|
||||
61 | [37.72.130.0](https://vuldb.com/?ip.37.72.130.0) | - | - | High
|
||||
62 | [37.77.80.0](https://vuldb.com/?ip.37.77.80.0) | - | - | High
|
||||
63 | [37.120.152.0](https://vuldb.com/?ip.37.120.152.0) | kyi0.sourrefer.us | - | High
|
||||
64 | [37.130.240.0](https://vuldb.com/?ip.37.130.240.0) | net240-ip0.linkbg.com | - | High
|
||||
65 | [37.139.128.0](https://vuldb.com/?ip.37.139.128.0) | - | - | High
|
||||
66 | [37.143.192.0](https://vuldb.com/?ip.37.143.192.0) | - | - | High
|
||||
67 | [37.156.69.0](https://vuldb.com/?ip.37.156.69.0) | 259c4500.static.cust.trined.nl | - | High
|
||||
68 | [37.156.70.0](https://vuldb.com/?ip.37.156.70.0) | 259c4600.static.cust.trined.nl | - | High
|
||||
69 | [37.157.136.0](https://vuldb.com/?ip.37.157.136.0) | - | - | High
|
||||
70 | [37.157.160.0](https://vuldb.com/?ip.37.157.160.0) | begin.force-it.net.160.157.37.in-addr.arpa | - | High
|
||||
71 | [37.209.168.0](https://vuldb.com/?ip.37.209.168.0) | - | - | High
|
||||
72 | [37.221.120.0](https://vuldb.com/?ip.37.221.120.0) | server.modernizmir.net | - | High
|
||||
73 | [37.252.247.0](https://vuldb.com/?ip.37.252.247.0) | - | - | High
|
||||
74 | [40.127.179.92](https://vuldb.com/?ip.40.127.179.92) | - | - | High
|
||||
75 | [43.113.224.128](https://vuldb.com/?ip.43.113.224.128) | - | - | High
|
||||
76 | [45.10.188.0](https://vuldb.com/?ip.45.10.188.0) | - | - | High
|
||||
77 | [45.12.70.22](https://vuldb.com/?ip.45.12.70.22) | weightiest.get-eye.com | - | High
|
||||
78 | [45.12.71.22](https://vuldb.com/?ip.45.12.71.22) | - | - | High
|
||||
79 | [45.15.180.0](https://vuldb.com/?ip.45.15.180.0) | - | - | High
|
||||
80 | [45.65.68.0](https://vuldb.com/?ip.45.65.68.0) | - | - | High
|
||||
81 | [45.65.71.0](https://vuldb.com/?ip.45.65.71.0) | - | - | High
|
||||
82 | [45.66.44.0](https://vuldb.com/?ip.45.66.44.0) | - | - | High
|
||||
83 | [45.67.12.0](https://vuldb.com/?ip.45.67.12.0) | - | - | High
|
||||
84 | [45.67.19.0](https://vuldb.com/?ip.45.67.19.0) | - | - | High
|
||||
85 | [45.67.88.0](https://vuldb.com/?ip.45.67.88.0) | - | - | High
|
||||
86 | [45.67.208.0](https://vuldb.com/?ip.45.67.208.0) | subnet.gcore.lu | - | High
|
||||
87 | [45.80.216.0](https://vuldb.com/?ip.45.80.216.0) | - | - | High
|
||||
88 | [45.81.176.0](https://vuldb.com/?ip.45.81.176.0) | - | - | High
|
||||
89 | [45.83.148.0](https://vuldb.com/?ip.45.83.148.0) | - | - | High
|
||||
90 | [45.83.216.0](https://vuldb.com/?ip.45.83.216.0) | - | - | High
|
||||
91 | [45.84.80.0](https://vuldb.com/?ip.45.84.80.0) | - | - | High
|
||||
92 | [45.84.172.0](https://vuldb.com/?ip.45.84.172.0) | - | - | High
|
||||
93 | [45.84.184.0](https://vuldb.com/?ip.45.84.184.0) | - | - | High
|
||||
94 | [45.84.192.0](https://vuldb.com/?ip.45.84.192.0) | 0.192.84.45.static.webnick.net | - | High
|
||||
95 | [45.84.194.0](https://vuldb.com/?ip.45.84.194.0) | - | - | High
|
||||
96 | [45.88.64.0](https://vuldb.com/?ip.45.88.64.0) | - | - | High
|
||||
97 | [45.88.216.0](https://vuldb.com/?ip.45.88.216.0) | - | - | High
|
||||
98 | [45.90.56.0](https://vuldb.com/?ip.45.90.56.0) | subnet.ipv4.layer6.net | - | High
|
||||
99 | [45.91.67.0](https://vuldb.com/?ip.45.91.67.0) | no-rdns.consort.network | - | High
|
||||
100 | [45.92.16.0](https://vuldb.com/?ip.45.92.16.0) | - | - | High
|
||||
101 | [45.128.4.0](https://vuldb.com/?ip.45.128.4.0) | clients.evn.bg | - | High
|
||||
102 | [45.128.88.0](https://vuldb.com/?ip.45.128.88.0) | - | - | High
|
||||
103 | [45.133.43.0](https://vuldb.com/?ip.45.133.43.0) | - | - | High
|
||||
104 | [45.133.92.0](https://vuldb.com/?ip.45.133.92.0) | - | - | High
|
||||
105 | [45.133.100.0](https://vuldb.com/?ip.45.133.100.0) | - | - | High
|
||||
106 | [45.137.220.0](https://vuldb.com/?ip.45.137.220.0) | - | - | High
|
||||
107 | [45.139.2.0](https://vuldb.com/?ip.45.139.2.0) | - | - | High
|
||||
108 | [45.140.0.0](https://vuldb.com/?ip.45.140.0.0) | customer.upheads.0.0.140.45 | - | High
|
||||
109 | [45.141.157.0](https://vuldb.com/?ip.45.141.157.0) | - | - | High
|
||||
110 | [45.141.232.0](https://vuldb.com/?ip.45.141.232.0) | - | - | High
|
||||
111 | [45.142.12.0](https://vuldb.com/?ip.45.142.12.0) | - | - | High
|
||||
112 | [45.142.120.0](https://vuldb.com/?ip.45.142.120.0) | - | - | High
|
||||
113 | [45.142.128.0](https://vuldb.com/?ip.45.142.128.0) | - | - | High
|
||||
114 | [45.142.130.0](https://vuldb.com/?ip.45.142.130.0) | - | - | High
|
||||
115 | [45.143.36.0](https://vuldb.com/?ip.45.143.36.0) | 45-143-36-0.ip.welcomeitalia.it | - | High
|
||||
116 | [45.143.68.0](https://vuldb.com/?ip.45.143.68.0) | - | - | High
|
||||
117 | [45.143.200.0](https://vuldb.com/?ip.45.143.200.0) | - | - | High
|
||||
118 | [45.144.152.0](https://vuldb.com/?ip.45.144.152.0) | - | - | High
|
||||
119 | [45.144.154.0](https://vuldb.com/?ip.45.144.154.0) | - | - | High
|
||||
120 | [45.146.140.0](https://vuldb.com/?ip.45.146.140.0) | - | - | High
|
||||
121 | [45.147.148.0](https://vuldb.com/?ip.45.147.148.0) | - | - | High
|
||||
122 | [45.149.12.0](https://vuldb.com/?ip.45.149.12.0) | - | - | High
|
||||
123 | [45.149.240.0](https://vuldb.com/?ip.45.149.240.0) | 45-149-240-0.mastereducation.lol | - | High
|
||||
124 | [45.151.88.0](https://vuldb.com/?ip.45.151.88.0) | - | - | High
|
||||
125 | [45.153.108.0](https://vuldb.com/?ip.45.153.108.0) | - | - | High
|
||||
126 | [45.153.109.0](https://vuldb.com/?ip.45.153.109.0) | - | - | High
|
||||
127 | [45.153.110.0](https://vuldb.com/?ip.45.153.110.0) | - | - | High
|
||||
128 | [45.154.76.0](https://vuldb.com/?ip.45.154.76.0) | - | - | High
|
||||
129 | [45.154.176.0](https://vuldb.com/?ip.45.154.176.0) | loamomro.ip76.abilixsoft.eu | - | High
|
||||
130 | [45.158.28.0](https://vuldb.com/?ip.45.158.28.0) | - | - | High
|
||||
131 | [45.158.160.0](https://vuldb.com/?ip.45.158.160.0) | - | - | High
|
||||
132 | [46.10.0.0](https://vuldb.com/?ip.46.10.0.0) | 46-10-0-0.ip.btc-net.bg | - | High
|
||||
133 | [46.16.192.0](https://vuldb.com/?ip.46.16.192.0) | - | - | High
|
||||
134 | [46.35.160.0](https://vuldb.com/?ip.46.35.160.0) | - | - | High
|
||||
135 | [46.40.64.0](https://vuldb.com/?ip.46.40.64.0) | - | - | High
|
||||
136 | [46.47.64.0](https://vuldb.com/?ip.46.47.64.0) | - | - | High
|
||||
137 | [46.55.128.0](https://vuldb.com/?ip.46.55.128.0) | - | - | High
|
||||
138 | [46.107.239.0](https://vuldb.com/?ip.46.107.239.0) | mlln2E6BEF00.fixip.t-online.hu | - | High
|
||||
139 | [46.229.192.0](https://vuldb.com/?ip.46.229.192.0) | - | - | High
|
||||
140 | [46.232.152.0](https://vuldb.com/?ip.46.232.152.0) | 0.152.232.46.blizoo.bg | - | High
|
||||
141 | [46.233.0.0](https://vuldb.com/?ip.46.233.0.0) | - | - | High
|
||||
142 | [46.237.64.0](https://vuldb.com/?ip.46.237.64.0) | - | - | High
|
||||
143 | [46.238.0.0](https://vuldb.com/?ip.46.238.0.0) | - | - | High
|
||||
144 | [46.243.142.0](https://vuldb.com/?ip.46.243.142.0) | - | - | High
|
||||
145 | [46.249.64.0](https://vuldb.com/?ip.46.249.64.0) | - | - | High
|
||||
146 | [46.252.48.0](https://vuldb.com/?ip.46.252.48.0) | - | - | High
|
||||
147 | [46.253.0.0](https://vuldb.com/?ip.46.253.0.0) | - | - | High
|
||||
148 | [46.253.134.0](https://vuldb.com/?ip.46.253.134.0) | - | - | High
|
||||
149 | [46.254.128.0](https://vuldb.com/?ip.46.254.128.0) | - | - | High
|
||||
150 | [50.7.46.0](https://vuldb.com/?ip.50.7.46.0) | - | - | High
|
||||
151 | [50.225.61.85](https://vuldb.com/?ip.50.225.61.85) | - | - | High
|
||||
152 | [52.46.56.0](https://vuldb.com/?ip.52.46.56.0) | server-52-46-56-0.sof50.r.cloudfront.net | - | High
|
||||
153 | [52.84.112.0](https://vuldb.com/?ip.52.84.112.0) | server-52-84-112-0.sof50.r.cloudfront.net | - | High
|
||||
154 | [52.84.144.0](https://vuldb.com/?ip.52.84.144.0) | server-52-84-144-0.sof50.r.cloudfront.net | - | High
|
||||
155 | [52.85.4.0](https://vuldb.com/?ip.52.85.4.0) | server-52-85-4-0.sof50.r.cloudfront.net | - | High
|
||||
156 | [52.85.101.0](https://vuldb.com/?ip.52.85.101.0) | server-52-85-101-0.sof50.r.cloudfront.net | - | High
|
||||
157 | [52.85.102.0](https://vuldb.com/?ip.52.85.102.0) | server-52-85-102-0.sof50.r.cloudfront.net | - | High
|
||||
158 | [57.90.48.0](https://vuldb.com/?ip.57.90.48.0) | - | - | High
|
||||
159 | [62.44.96.0](https://vuldb.com/?ip.62.44.96.0) | - | - | High
|
||||
160 | [62.67.16.0](https://vuldb.com/?ip.62.67.16.0) | - | - | High
|
||||
161 | [62.67.210.0](https://vuldb.com/?ip.62.67.210.0) | - | - | High
|
||||
162 | [62.73.64.0](https://vuldb.com/?ip.62.73.64.0) | - | - | High
|
||||
163 | [62.133.59.0](https://vuldb.com/?ip.62.133.59.0) | - | - | High
|
||||
164 | [62.176.64.0](https://vuldb.com/?ip.62.176.64.0) | 62-176-64-0.btc-net.bg | - | High
|
||||
165 | [62.182.112.0](https://vuldb.com/?ip.62.182.112.0) | - | - | High
|
||||
166 | [62.192.132.0](https://vuldb.com/?ip.62.192.132.0) | - | - | High
|
||||
167 | [62.204.128.0](https://vuldb.com/?ip.62.204.128.0) | - | - | High
|
||||
168 | [62.221.128.0](https://vuldb.com/?ip.62.221.128.0) | unknown.crc.bg | - | High
|
||||
169 | [62.233.37.0](https://vuldb.com/?ip.62.233.37.0) | - | - | High
|
||||
170 | [63.172.48.27](https://vuldb.com/?ip.63.172.48.27) | - | - | High
|
||||
171 | [66.84.75.0](https://vuldb.com/?ip.66.84.75.0) | lo0.pex1.bb.sof1.continent8.com | - | High
|
||||
172 | [66.159.221.0](https://vuldb.com/?ip.66.159.221.0) | - | - | High
|
||||
173 | [74.80.77.0](https://vuldb.com/?ip.74.80.77.0) | - | - | High
|
||||
174 | [77.70.0.0](https://vuldb.com/?ip.77.70.0.0) | - | - | High
|
||||
175 | [77.71.0.0](https://vuldb.com/?ip.77.71.0.0) | n1.bgwan.com | - | High
|
||||
176 | [77.72.20.0](https://vuldb.com/?ip.77.72.20.0) | - | - | High
|
||||
177 | [77.72.85.0](https://vuldb.com/?ip.77.72.85.0) | - | - | High
|
||||
178 | [77.76.0.0](https://vuldb.com/?ip.77.76.0.0) | - | - | High
|
||||
179 | [77.76.128.0](https://vuldb.com/?ip.77.76.128.0) | - | - | High
|
||||
180 | [77.77.0.0](https://vuldb.com/?ip.77.77.0.0) | - | - | High
|
||||
181 | [77.77.128.0](https://vuldb.com/?ip.77.77.128.0) | - | - | High
|
||||
182 | [77.77.136.0](https://vuldb.com/?ip.77.77.136.0) | - | - | High
|
||||
183 | [77.77.140.0](https://vuldb.com/?ip.77.77.140.0) | - | - | High
|
||||
184 | [77.77.142.0](https://vuldb.com/?ip.77.77.142.0) | - | - | High
|
||||
185 | [77.77.144.0](https://vuldb.com/?ip.77.77.144.0) | - | - | High
|
||||
186 | [77.77.150.0](https://vuldb.com/?ip.77.77.150.0) | - | - | High
|
||||
187 | [77.77.152.0](https://vuldb.com/?ip.77.77.152.0) | - | - | High
|
||||
188 | [77.77.160.0](https://vuldb.com/?ip.77.77.160.0) | - | - | High
|
||||
189 | [77.77.168.0](https://vuldb.com/?ip.77.77.168.0) | - | - | High
|
||||
190 | [77.77.168.64](https://vuldb.com/?ip.77.77.168.64) | - | - | High
|
||||
191 | [77.77.168.88](https://vuldb.com/?ip.77.77.168.88) | - | - | High
|
||||
192 | [77.77.168.96](https://vuldb.com/?ip.77.77.168.96) | - | - | High
|
||||
193 | [77.77.168.128](https://vuldb.com/?ip.77.77.168.128) | - | - | High
|
||||
194 | [77.77.169.0](https://vuldb.com/?ip.77.77.169.0) | - | - | High
|
||||
195 | [77.77.170.0](https://vuldb.com/?ip.77.77.170.0) | - | - | High
|
||||
196 | [77.77.172.0](https://vuldb.com/?ip.77.77.172.0) | - | - | High
|
||||
197 | [77.77.176.0](https://vuldb.com/?ip.77.77.176.0) | - | - | High
|
||||
198 | [77.77.178.0](https://vuldb.com/?ip.77.77.178.0) | - | - | High
|
||||
199 | [77.77.179.0](https://vuldb.com/?ip.77.77.179.0) | - | - | High
|
||||
200 | [77.77.179.128](https://vuldb.com/?ip.77.77.179.128) | - | - | High
|
||||
201 | [77.77.179.192](https://vuldb.com/?ip.77.77.179.192) | - | - | High
|
||||
202 | [77.77.179.208](https://vuldb.com/?ip.77.77.179.208) | - | - | High
|
||||
203 | [77.77.179.224](https://vuldb.com/?ip.77.77.179.224) | - | - | High
|
||||
204 | [77.77.179.240](https://vuldb.com/?ip.77.77.179.240) | - | - | High
|
||||
205 | [77.77.180.0](https://vuldb.com/?ip.77.77.180.0) | - | - | High
|
||||
206 | [77.77.184.0](https://vuldb.com/?ip.77.77.184.0) | - | - | High
|
||||
207 | [77.78.0.0](https://vuldb.com/?ip.77.78.0.0) | - | - | High
|
||||
208 | [77.78.128.0](https://vuldb.com/?ip.77.78.128.0) | - | - | High
|
||||
209 | [77.83.112.0](https://vuldb.com/?ip.77.83.112.0) | - | - | High
|
||||
210 | [77.85.0.0](https://vuldb.com/?ip.77.85.0.0) | - | - | High
|
||||
211 | [77.95.232.0](https://vuldb.com/?ip.77.95.232.0) | - | - | High
|
||||
212 | [77.104.128.0](https://vuldb.com/?ip.77.104.128.0) | ip-77-104-128-0.siteground.com | - | High
|
||||
213 | [77.104.187.0](https://vuldb.com/?ip.77.104.187.0) | ip-77-104-187-0.siteground.com | - | High
|
||||
214 | [77.220.196.0](https://vuldb.com/?ip.77.220.196.0) | - | - | High
|
||||
215 | [77.236.160.0](https://vuldb.com/?ip.77.236.160.0) | - | - | High
|
||||
216 | [77.238.64.0](https://vuldb.com/?ip.77.238.64.0) | - | - | High
|
||||
217 | [77.244.192.0](https://vuldb.com/?ip.77.244.192.0) | net192-ip0.linkbg.com | - | High
|
||||
218 | [77.246.208.0](https://vuldb.com/?ip.77.246.208.0) | - | - | High
|
||||
219 | [78.40.136.0](https://vuldb.com/?ip.78.40.136.0) | - | - | High
|
||||
220 | [78.40.140.0](https://vuldb.com/?ip.78.40.140.0) | - | - | High
|
||||
221 | [78.40.142.0](https://vuldb.com/?ip.78.40.142.0) | - | - | High
|
||||
222 | [78.83.0.0](https://vuldb.com/?ip.78.83.0.0) | - | - | High
|
||||
223 | [78.90.0.0](https://vuldb.com/?ip.78.90.0.0) | - | - | High
|
||||
224 | [78.108.240.0](https://vuldb.com/?ip.78.108.240.0) | - | - | High
|
||||
225 | [78.128.0.0](https://vuldb.com/?ip.78.128.0.0) | - | - | High
|
||||
226 | [78.128.64.0](https://vuldb.com/?ip.78.128.64.0) | - | - | High
|
||||
227 | [78.128.96.0](https://vuldb.com/?ip.78.128.96.0) | - | - | High
|
||||
228 | [78.128.112.0](https://vuldb.com/?ip.78.128.112.0) | - | - | High
|
||||
229 | [78.128.120.0](https://vuldb.com/?ip.78.128.120.0) | - | - | High
|
||||
230 | [78.128.124.0](https://vuldb.com/?ip.78.128.124.0) | - | - | High
|
||||
231 | [78.128.126.0](https://vuldb.com/?ip.78.128.126.0) | - | - | High
|
||||
232 | [78.130.128.0](https://vuldb.com/?ip.78.130.128.0) | - | - | High
|
||||
233 | [78.142.0.0](https://vuldb.com/?ip.78.142.0.0) | - | - | High
|
||||
234 | [78.142.1.0](https://vuldb.com/?ip.78.142.1.0) | - | - | High
|
||||
235 | [78.142.2.0](https://vuldb.com/?ip.78.142.2.0) | - | - | High
|
||||
236 | [78.142.4.0](https://vuldb.com/?ip.78.142.4.0) | - | - | High
|
||||
237 | [78.142.9.0](https://vuldb.com/?ip.78.142.9.0) | - | - | High
|
||||
238 | [78.142.10.0](https://vuldb.com/?ip.78.142.10.0) | - | - | High
|
||||
239 | [78.142.12.0](https://vuldb.com/?ip.78.142.12.0) | - | - | High
|
||||
240 | [78.142.16.0](https://vuldb.com/?ip.78.142.16.0) | - | - | High
|
||||
241 | [78.142.19.0](https://vuldb.com/?ip.78.142.19.0) | - | - | High
|
||||
242 | [78.142.20.0](https://vuldb.com/?ip.78.142.20.0) | - | - | High
|
||||
243 | [78.142.24.0](https://vuldb.com/?ip.78.142.24.0) | - | - | High
|
||||
244 | [78.142.28.0](https://vuldb.com/?ip.78.142.28.0) | 78.142.28.0.telecom-bg.com | - | High
|
||||
245 | [78.142.30.0](https://vuldb.com/?ip.78.142.30.0) | - | - | High
|
||||
246 | [78.142.32.0](https://vuldb.com/?ip.78.142.32.0) | - | - | High
|
||||
247 | [78.154.0.0](https://vuldb.com/?ip.78.154.0.0) | - | - | High
|
||||
248 | [78.159.128.0](https://vuldb.com/?ip.78.159.128.0) | - | - | High
|
||||
249 | [78.159.131.0](https://vuldb.com/?ip.78.159.131.0) | - | - | High
|
||||
250 | [78.159.136.0](https://vuldb.com/?ip.78.159.136.0) | - | - | High
|
||||
251 | [78.159.149.0](https://vuldb.com/?ip.78.159.149.0) | - | - | High
|
||||
252 | [78.159.150.0](https://vuldb.com/?ip.78.159.150.0) | - | - | High
|
||||
253 | [78.159.152.0](https://vuldb.com/?ip.78.159.152.0) | - | - | High
|
||||
254 | [78.159.157.0](https://vuldb.com/?ip.78.159.157.0) | - | - | High
|
||||
255 | [78.159.158.0](https://vuldb.com/?ip.78.159.158.0) | - | - | High
|
||||
256 | [79.98.104.0](https://vuldb.com/?ip.79.98.104.0) | - | - | High
|
||||
257 | [79.100.0.0](https://vuldb.com/?ip.79.100.0.0) | - | - | High
|
||||
258 | [79.110.112.0](https://vuldb.com/?ip.79.110.112.0) | - | - | High
|
||||
259 | [79.124.0.0](https://vuldb.com/?ip.79.124.0.0) | - | - | High
|
||||
260 | [79.124.2.0](https://vuldb.com/?ip.79.124.2.0) | - | - | High
|
||||
261 | [79.124.4.0](https://vuldb.com/?ip.79.124.4.0) | - | - | High
|
||||
262 | [79.124.9.0](https://vuldb.com/?ip.79.124.9.0) | - | - | High
|
||||
263 | [79.124.10.0](https://vuldb.com/?ip.79.124.10.0) | - | - | High
|
||||
264 | [79.124.12.0](https://vuldb.com/?ip.79.124.12.0) | - | - | High
|
||||
265 | [79.124.16.0](https://vuldb.com/?ip.79.124.16.0) | - | - | High
|
||||
266 | [79.124.32.0](https://vuldb.com/?ip.79.124.32.0) | - | - | High
|
||||
267 | [79.124.48.0](https://vuldb.com/?ip.79.124.48.0) | - | - | High
|
||||
268 | [79.124.56.0](https://vuldb.com/?ip.79.124.56.0) | - | - | High
|
||||
269 | [79.124.60.0](https://vuldb.com/?ip.79.124.60.0) | - | - | High
|
||||
270 | [79.124.63.0](https://vuldb.com/?ip.79.124.63.0) | telepoint-net.msk.bg | - | High
|
||||
271 | [79.124.64.0](https://vuldb.com/?ip.79.124.64.0) | - | - | High
|
||||
272 | [79.124.72.0](https://vuldb.com/?ip.79.124.72.0) | - | - | High
|
||||
273 | [79.124.76.0](https://vuldb.com/?ip.79.124.76.0) | - | - | High
|
||||
274 | [79.124.78.0](https://vuldb.com/?ip.79.124.78.0) | - | - | High
|
||||
275 | [79.124.79.0](https://vuldb.com/?ip.79.124.79.0) | - | - | High
|
||||
276 | [79.124.80.0](https://vuldb.com/?ip.79.124.80.0) | - | - | High
|
||||
277 | [79.132.0.0](https://vuldb.com/?ip.79.132.0.0) | - | - | High
|
||||
278 | [79.134.48.0](https://vuldb.com/?ip.79.134.48.0) | - | - | High
|
||||
279 | [79.134.160.0](https://vuldb.com/?ip.79.134.160.0) | - | - | High
|
||||
280 | [79.142.70.0](https://vuldb.com/?ip.79.142.70.0) | bg.as51430.net | - | High
|
||||
281 | [80.72.64.0](https://vuldb.com/?ip.80.72.64.0) | - | - | High
|
||||
282 | [80.72.72.0](https://vuldb.com/?ip.80.72.72.0) | - | - | High
|
||||
283 | [80.72.76.0](https://vuldb.com/?ip.80.72.76.0) | - | - | High
|
||||
284 | [80.72.79.0](https://vuldb.com/?ip.80.72.79.0) | - | - | High
|
||||
285 | [80.72.80.0](https://vuldb.com/?ip.80.72.80.0) | - | - | High
|
||||
286 | [80.72.92.0](https://vuldb.com/?ip.80.72.92.0) | - | - | High
|
||||
287 | [80.76.48.0](https://vuldb.com/?ip.80.76.48.0) | hosted-by.technox.com.tr | - | High
|
||||
288 | [80.78.224.0](https://vuldb.com/?ip.80.78.224.0) | - | - | High
|
||||
289 | [80.80.128.0](https://vuldb.com/?ip.80.80.128.0) | - | - | High
|
||||
290 | [80.84.137.0](https://vuldb.com/?ip.80.84.137.0) | - | - | High
|
||||
291 | [80.84.167.0](https://vuldb.com/?ip.80.84.167.0) | - | - | High
|
||||
292 | [80.95.16.0](https://vuldb.com/?ip.80.95.16.0) | - | - | High
|
||||
293 | [80.248.224.146](https://vuldb.com/?ip.80.248.224.146) | - | - | High
|
||||
294 | [80.253.48.0](https://vuldb.com/?ip.80.253.48.0) | - | - | High
|
||||
295 | [81.2.149.124](https://vuldb.com/?ip.81.2.149.124) | - | - | High
|
||||
296 | [81.161.237.0](https://vuldb.com/?ip.81.161.237.0) | - | - | High
|
||||
297 | [81.161.240.0](https://vuldb.com/?ip.81.161.240.0) | - | - | High
|
||||
298 | [82.101.64.0](https://vuldb.com/?ip.82.101.64.0) | - | - | High
|
||||
299 | [82.102.23.0](https://vuldb.com/?ip.82.102.23.0) | nche0.pelibi.com | - | High
|
||||
300 | [82.103.64.0](https://vuldb.com/?ip.82.103.64.0) | - | - | High
|
||||
301 | [82.112.168.0](https://vuldb.com/?ip.82.112.168.0) | - | - | High
|
||||
302 | [82.112.172.0](https://vuldb.com/?ip.82.112.172.0) | - | - | High
|
||||
303 | [82.117.255.0](https://vuldb.com/?ip.82.117.255.0) | - | - | High
|
||||
304 | [82.118.224.0](https://vuldb.com/?ip.82.118.224.0) | - | - | High
|
||||
305 | [82.118.228.0](https://vuldb.com/?ip.82.118.228.0) | - | - | High
|
||||
306 | [82.118.229.0](https://vuldb.com/?ip.82.118.229.0) | ip-82.118.229.0.telepoint.bg | - | High
|
||||
307 | [82.118.230.0](https://vuldb.com/?ip.82.118.230.0) | - | - | High
|
||||
308 | [82.118.231.0](https://vuldb.com/?ip.82.118.231.0) | 82.118.231.0.telecom-bg.com | - | High
|
||||
309 | [82.118.232.0](https://vuldb.com/?ip.82.118.232.0) | 82.118.232.0.telecom-bg.com | - | High
|
||||
310 | [82.118.234.0](https://vuldb.com/?ip.82.118.234.0) | - | - | High
|
||||
311 | [82.118.236.0](https://vuldb.com/?ip.82.118.236.0) | - | - | High
|
||||
312 | [82.118.240.0](https://vuldb.com/?ip.82.118.240.0) | siteground-office.net | - | High
|
||||
313 | [82.118.243.0](https://vuldb.com/?ip.82.118.243.0) | - | - | High
|
||||
314 | [82.118.244.0](https://vuldb.com/?ip.82.118.244.0) | - | - | High
|
||||
315 | [82.118.248.0](https://vuldb.com/?ip.82.118.248.0) | - | - | High
|
||||
316 | [82.119.64.0](https://vuldb.com/?ip.82.119.64.0) | 82.119.64.0.telecom-bg.com | - | High
|
||||
317 | [82.137.64.0](https://vuldb.com/?ip.82.137.64.0) | - | - | High
|
||||
318 | [82.146.0.0](https://vuldb.com/?ip.82.146.0.0) | - | - | High
|
||||
319 | [82.146.8.0](https://vuldb.com/?ip.82.146.8.0) | - | - | High
|
||||
320 | [82.146.12.0](https://vuldb.com/?ip.82.146.12.0) | - | - | High
|
||||
321 | [82.146.14.0](https://vuldb.com/?ip.82.146.14.0) | - | - | High
|
||||
322 | [82.146.16.0](https://vuldb.com/?ip.82.146.16.0) | - | - | High
|
||||
323 | [82.147.128.0](https://vuldb.com/?ip.82.147.128.0) | - | - | High
|
||||
324 | [82.195.187.17](https://vuldb.com/?ip.82.195.187.17) | - | - | High
|
||||
325 | [83.97.24.0](https://vuldb.com/?ip.83.97.24.0) | - | - | High
|
||||
326 | [83.97.64.0](https://vuldb.com/?ip.83.97.64.0) | - | - | High
|
||||
327 | [83.142.16.0](https://vuldb.com/?ip.83.142.16.0) | - | - | High
|
||||
328 | [83.142.48.0](https://vuldb.com/?ip.83.142.48.0) | 83-142-48-0.dynamic-pool.mclaut.net | - | High
|
||||
329 | ... | ... | ... | ...
|
||||
|
||||
There are 958 more IOC items available. Please use our online service to access the data.
|
||||
There are 1313 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -270,14 +359,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-29, CWE-35 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
1 | T1006 | CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -285,60 +372,65 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.github/workflows/combine-prs.yml` | High
|
||||
2 | File | `//` | Low
|
||||
3 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
4 | File | `/forum/away.php` | High
|
||||
5 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
6 | File | `/fos/admin/index.php?page=menu` | High
|
||||
7 | File | `/login/index.php` | High
|
||||
8 | File | `/output/outdbg.c` | High
|
||||
9 | File | `/output/outieee.c` | High
|
||||
10 | File | `/password/reset` | High
|
||||
11 | File | `/ptippage.cgi` | High
|
||||
12 | File | `/ptipupgrade.cgi` | High
|
||||
13 | File | `/reports/rwservlet` | High
|
||||
14 | File | `/royal_event/userregister.php` | High
|
||||
15 | File | `/u/username.json` | High
|
||||
16 | File | `01article.php` | High
|
||||
17 | File | `admin/abc.php` | High
|
||||
18 | File | `admin/admin/adminsave.html` | High
|
||||
19 | File | `admin/approve_user.php` | High
|
||||
20 | File | `admin/conf_users_edit.php` | High
|
||||
21 | File | `admin/expense_report.php` | High
|
||||
22 | File | `admin/forget_password.php` | High
|
||||
23 | File | `admin/make_payments.php` | High
|
||||
24 | File | `admin/manage_user.php` | High
|
||||
25 | File | `admin/page-login.php` | High
|
||||
26 | File | `admin/panels/entry/admin.entry.list.php` | High
|
||||
27 | File | `admin/panels/uploader/admin.uploader.php` | High
|
||||
28 | File | `administers` | Medium
|
||||
29 | File | `admin_class.php` | High
|
||||
30 | File | `agent/listener/templates/tail.html` | High
|
||||
31 | File | `ajax_invoice.php` | High
|
||||
32 | File | `announce.php` | Medium
|
||||
33 | File | `api.php` | Low
|
||||
34 | File | `api/?api=add_server` | High
|
||||
35 | File | `app.py` | Low
|
||||
36 | File | `app/api/songs.py` | High
|
||||
37 | File | `app/business/impl/ReviewServiceImpl.java` | High
|
||||
38 | File | `app/controllers/code_caller_controller.php` | High
|
||||
39 | File | `app/controllers/curupira/passwords_controller.rb` | High
|
||||
40 | File | `app/controllers/geopoll_controller.rb` | High
|
||||
41 | File | `app/controllers/image_controller.rb` | High
|
||||
42 | File | `app/controllers/oauth.js` | High
|
||||
43 | File | `app/filters.php` | High
|
||||
44 | File | `application/controllers/timedtext.php` | High
|
||||
45 | File | `application/libraries/LanguageTask.php` | High
|
||||
46 | ... | ... | ...
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
3 | File | `/admin/` | Low
|
||||
4 | File | `/admin/ajax.php` | High
|
||||
5 | File | `/admin/content/index` | High
|
||||
6 | File | `/admin/delete_user.php` | High
|
||||
7 | File | `/admin/doctors.php` | High
|
||||
8 | File | `/admin/edit-doc.php` | High
|
||||
9 | File | `/admin/getallarticleinfo` | High
|
||||
10 | File | `/admin/index3.php` | High
|
||||
11 | File | `/admin/login.php` | High
|
||||
12 | File | `/admin/patient.php` | High
|
||||
13 | File | `/admin/robot/approval/list` | High
|
||||
14 | File | `/admin_system/api.php` | High
|
||||
15 | File | `/alphaware/summary.php` | High
|
||||
16 | File | `/api/admin/system/store/order/list` | High
|
||||
17 | File | `/APR/login.php` | High
|
||||
18 | File | `/APR/signup.php` | High
|
||||
19 | File | `/cgi-bin/mft/wireless_mft` | High
|
||||
20 | File | `/cgi-bin/wapopen` | High
|
||||
21 | File | `/edoc/doctor/patient.php` | High
|
||||
22 | File | `/file_manager/login.php` | High
|
||||
23 | File | `/forum/away.php` | High
|
||||
24 | File | `/fos/admin/ajax.php?action=save_settings` | High
|
||||
25 | File | `/ghost/preview` | High
|
||||
26 | File | `/mims/login.php` | High
|
||||
27 | File | `/Moosikay/order.php` | High
|
||||
28 | File | `/param.file.tgz` | High
|
||||
29 | File | `/philosophy/admin/login.php` | High
|
||||
30 | File | `/philosophy/admin/user/controller.php?action=add` | High
|
||||
31 | File | `/php-scrm/login.php` | High
|
||||
32 | File | `/plugins/playbooks/api/v0/playbooks/[playbookID` | High
|
||||
33 | File | `/plugins/playbooks/api/v0/runs` | High
|
||||
34 | File | `/public/launchNewWindow.jsp` | High
|
||||
35 | File | `/reservation/add_message.php` | High
|
||||
36 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
37 | File | `/textpattern/index.php` | High
|
||||
38 | File | `/tmp` | Low
|
||||
39 | File | `account/signup.php` | High
|
||||
40 | File | `activenews_view.asp` | High
|
||||
41 | File | `ad-blocking-detector.php` | High
|
||||
42 | File | `addentry.php` | Medium
|
||||
43 | File | `addmem.php` | Medium
|
||||
44 | File | `addons/Commons/src/tts-utils.js` | High
|
||||
45 | File | `addons/Text_Selection/src/presenter.js` | High
|
||||
46 | File | `admin-ajax.php` | High
|
||||
47 | File | `admin.php` | Medium
|
||||
48 | File | `admin/?page=admin` | High
|
||||
49 | File | `admin/?page=students/view_student` | High
|
||||
50 | ... | ... | ...
|
||||
|
||||
There are 394 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 432 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_bg.netset
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_bg.netset
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [NL](https://vuldb.com/?country.nl)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -148,13 +148,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -163,38 +163,44 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
2 | File | `/appliance/users?action=edit` | High
|
||||
3 | File | `/backup.pl` | Medium
|
||||
4 | File | `/blogengine/api/posts` | High
|
||||
5 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
6 | File | `/forum/away.php` | High
|
||||
7 | File | `/login/index.php` | High
|
||||
8 | File | `/Moosikay/order.php` | High
|
||||
9 | File | `/out.php` | Medium
|
||||
10 | File | `/php-scrm/login.php` | High
|
||||
11 | File | `/products/view_product.php` | High
|
||||
12 | File | `/public/login.htm` | High
|
||||
13 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
14 | File | `/shell` | Low
|
||||
15 | File | `/spip.php` | Medium
|
||||
16 | File | `/tmp/boa-temp` | High
|
||||
17 | File | `/usr/bin/tddp` | High
|
||||
18 | File | `/wp-admin/admin-ajax.php` | High
|
||||
19 | File | `/wp-admin/options.php` | High
|
||||
20 | File | `/wp-json/wc/v3/webhooks` | High
|
||||
21 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
22 | File | `action.php` | Medium
|
||||
23 | File | `adclick.php` | Medium
|
||||
24 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
25 | File | `admin/disapprove_user.php` | High
|
||||
26 | File | `admin/import/class-import-settings.php` | High
|
||||
27 | File | `admin/manage_user.php` | High
|
||||
28 | File | `admin/page-login.php` | High
|
||||
29 | File | `adminer.php` | Medium
|
||||
30 | File | `AndroidManifest.xml` | High
|
||||
31 | ... | ... | ...
|
||||
2 | File | `//` | Low
|
||||
3 | File | `/?ajax-request=jnews` | High
|
||||
4 | File | `/admin` | Low
|
||||
5 | File | `/admin/patient.php` | High
|
||||
6 | File | `/api/jmeter/download/files` | High
|
||||
7 | File | `/api/upload` | Medium
|
||||
8 | File | `/api/v1/attack/falco` | High
|
||||
9 | File | `/APR/login.php` | High
|
||||
10 | File | `/as/authorization.oauth2` | High
|
||||
11 | File | `/backup.pl` | Medium
|
||||
12 | File | `/cgi-bin/luci/api/auth` | High
|
||||
13 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
14 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/churchcrm/EventAttendance.php` | High
|
||||
16 | File | `/DXR.axd` | Medium
|
||||
17 | File | `/edoc/doctor/patient.php` | High
|
||||
18 | File | `/filemanager/php/connector.php` | High
|
||||
19 | File | `/files/import` | High
|
||||
20 | File | `/forum/away.php` | High
|
||||
21 | File | `/j_security_check` | High
|
||||
22 | File | `/librarian/bookdetails.php` | High
|
||||
23 | File | `/mhds/clinic/view_details.php` | High
|
||||
24 | File | `/modules/projects/vw_files.php` | High
|
||||
25 | File | `/Moosikay/order.php` | High
|
||||
26 | File | `/out.php` | Medium
|
||||
27 | File | `/php-scrm/login.php` | High
|
||||
28 | File | `/reservation/add_message.php` | High
|
||||
29 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
30 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
31 | File | `/static/ueditor/php/controller.php` | High
|
||||
32 | File | `/tmp/boa-temp` | High
|
||||
33 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
34 | File | `/wp-admin/admin-ajax.php` | High
|
||||
35 | File | `/wp-admin/options.php` | High
|
||||
36 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
37 | ... | ... | ...
|
||||
|
||||
There are 268 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 320 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
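Review bot: Row 4 of the TTP table in the `@ -148,13 +148,13` hunk (`4 | T1059 | CWE-88, CWE-94 | ... | High`) carries the description `Cross Site Scripting`, which is also the description of row 5 (`T1059.007 | CWE-79, CWE-80`). CWE-88 and CWE-94 are argument injection and code injection, so anyone triaging by the Description column would file server-side injection weaknesses under XSS. I would change the cell to something like `4 | T1059 | CWE-88, CWE-94 | Code Injection | High`. The T1059 rows in the earlier `@ -270,14 +359,12` hunk carry the same label. If these tables are exported from the online service, which the page does not show, the fix belongs in the exporter's mapping rather than in this file.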
|
|
|
@ -91,7 +91,7 @@ ID | Type | Indicator | Confidence
|
|||
36 | File | `arq_updater` | Medium
|
||||
37 | ... | ... | ...
|
||||
|
||||
There are 314 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 315 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
There are 16 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -61,39 +61,40 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/acms/admin/cargo_types/manage_cargo_type.php` | High
|
||||
3 | File | `/admin/ajax/avatar.php` | High
|
||||
4 | File | `/admin/index.php` | High
|
||||
5 | File | `/admin/payment.php` | High
|
||||
6 | File | `/admin/show.php` | High
|
||||
7 | File | `/default.php?idx=17` | High
|
||||
8 | File | `/download` | Medium
|
||||
9 | File | `/forum/away.php` | High
|
||||
10 | File | `/index.php` | Medium
|
||||
11 | File | `/nova/bin/traceroute` | High
|
||||
12 | File | `/opt/bin/cli` | Medium
|
||||
13 | File | `/p` | Low
|
||||
14 | File | `/patient/doctors.php` | High
|
||||
15 | File | `/phpinventory/editcategory.php` | High
|
||||
16 | File | `/product-list.php` | High
|
||||
17 | File | `/spip.php` | Medium
|
||||
18 | File | `/uncpath/` | Medium
|
||||
19 | File | `/updown/upload.cgi` | High
|
||||
20 | File | `/user/del.php` | High
|
||||
21 | File | `/_next` | Low
|
||||
22 | File | `123flashchat.php` | High
|
||||
23 | File | `act.php` | Low
|
||||
24 | File | `admin/bad.php` | High
|
||||
25 | File | `admin/index.php` | High
|
||||
26 | File | `admin/index.php/user/del/1` | High
|
||||
27 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
28 | File | `administrator/index.php` | High
|
||||
29 | File | `ajax/render/widget_php` | High
|
||||
30 | File | `album_portal.php` | High
|
||||
31 | File | `api.php` | Low
|
||||
32 | File | `application/home/controller/debug.php` | High
|
||||
33 | File | `articulo.php` | Medium
|
||||
34 | File | `author.control.php` | High
|
||||
35 | ... | ... | ...
|
||||
5 | File | `/admin/lab.php` | High
|
||||
6 | File | `/admin/payment.php` | High
|
||||
7 | File | `/admin/show.php` | High
|
||||
8 | File | `/default.php?idx=17` | High
|
||||
9 | File | `/download` | Medium
|
||||
10 | File | `/forum/away.php` | High
|
||||
11 | File | `/index.php` | Medium
|
||||
12 | File | `/nova/bin/traceroute` | High
|
||||
13 | File | `/opt/bin/cli` | Medium
|
||||
14 | File | `/p` | Low
|
||||
15 | File | `/patient/doctors.php` | High
|
||||
16 | File | `/phpinventory/editcategory.php` | High
|
||||
17 | File | `/product-list.php` | High
|
||||
18 | File | `/spip.php` | Medium
|
||||
19 | File | `/uncpath/` | Medium
|
||||
20 | File | `/updown/upload.cgi` | High
|
||||
21 | File | `/user/del.php` | High
|
||||
22 | File | `/_next` | Low
|
||||
23 | File | `123flashchat.php` | High
|
||||
24 | File | `act.php` | Low
|
||||
25 | File | `admin/bad.php` | High
|
||||
26 | File | `admin/index.php` | High
|
||||
27 | File | `admin/index.php/user/del/1` | High
|
||||
28 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
29 | File | `administrator/index.php` | High
|
||||
30 | File | `ajax/render/widget_php` | High
|
||||
31 | File | `album_portal.php` | High
|
||||
32 | File | `api.php` | Low
|
||||
33 | File | `application/home/controller/debug.php` | High
|
||||
34 | File | `articulo.php` | Medium
|
||||
35 | File | `author.control.php` | High
|
||||
36 | ... | ... | ...
|
||||
|
||||
There are 300 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 307 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
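Review bot: The ID column of the IOA table in the `@ -61,39 +61,40` hunk is positional, so it cannot be used as a stable reference between updates. `/admin/payment.php` is printed once as ID 5 and once as ID 6, with `/admin/lab.php` taking ID 5, and every later row shifts by one in the same way. A rule, ticket or report that cites "IOA 5" from an earlier revision would then point at a different path. I would add a line above the table such as `IDs are positional and change between updates; reference an indicator by its value.` The IOA hunks at `@ -54,43 +54,45` and `@ -54,46 +55,49` further down show the same renumbering.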
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [FR](https://vuldb.com/?country.fr)
|
||||
* ...
|
||||
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -21,15 +21,15 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
|
|||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [5.62.60.60](https://vuldb.com/?ip.5.62.60.60) | r-60-60-62-5.consumer-pool.prcdn.net | - | High
|
||||
2 | [5.62.62.60](https://vuldb.com/?ip.5.62.62.60) | r-60-62-62-5.consumer-pool.prcdn.net | - | High
|
||||
3 | [41.79.44.0](https://vuldb.com/?ip.41.79.44.0) | - | - | High
|
||||
4 | [41.79.224.0](https://vuldb.com/?ip.41.79.224.0) | - | - | High
|
||||
5 | [45.12.70.24](https://vuldb.com/?ip.45.12.70.24) | libres-shmit.get-eye.com | - | High
|
||||
6 | [45.12.71.24](https://vuldb.com/?ip.45.12.71.24) | - | - | High
|
||||
1 | [2.18.11.0](https://vuldb.com/?ip.2.18.11.0) | a2-18-11-0.deploy.static.akamaitechnologies.com | - | High
|
||||
2 | [5.62.60.60](https://vuldb.com/?ip.5.62.60.60) | r-60-60-62-5.consumer-pool.prcdn.net | - | High
|
||||
3 | [5.62.62.60](https://vuldb.com/?ip.5.62.62.60) | r-60-62-62-5.consumer-pool.prcdn.net | - | High
|
||||
4 | [41.79.44.0](https://vuldb.com/?ip.41.79.44.0) | - | - | High
|
||||
5 | [41.79.224.0](https://vuldb.com/?ip.41.79.224.0) | - | - | High
|
||||
6 | [41.207.112.0](https://vuldb.com/?ip.41.207.112.0) | - | - | High
|
||||
7 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more IOC items available. Please use our online service to access the data.
|
||||
There are 26 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -54,43 +54,45 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/acms/admin/cargo_types/manage_cargo_type.php` | High
|
||||
3 | File | `/admin/ajax/avatar.php` | High
|
||||
4 | File | `/admin/index.php` | High
|
||||
5 | File | `/admin/payment.php` | High
|
||||
6 | File | `/admin/show.php` | High
|
||||
7 | File | `/default.php?idx=17` | High
|
||||
8 | File | `/download` | Medium
|
||||
9 | File | `/forum/away.php` | High
|
||||
10 | File | `/index.php` | Medium
|
||||
11 | File | `/opt/bin/cli` | Medium
|
||||
12 | File | `/p` | Low
|
||||
13 | File | `/patient/doctors.php` | High
|
||||
14 | File | `/phpinventory/editcategory.php` | High
|
||||
15 | File | `/product-list.php` | High
|
||||
16 | File | `/spip.php` | Medium
|
||||
17 | File | `/uncpath/` | Medium
|
||||
18 | File | `/updown/upload.cgi` | High
|
||||
19 | File | `/user/del.php` | High
|
||||
20 | File | `/_next` | Low
|
||||
21 | File | `123flashchat.php` | High
|
||||
22 | File | `act.php` | Low
|
||||
23 | File | `admin/bad.php` | High
|
||||
24 | File | `admin/conf_users_edit.php` | High
|
||||
25 | File | `admin/dashboard.php` | High
|
||||
26 | File | `admin/index.php` | High
|
||||
27 | File | `admin/index.php/user/del/1` | High
|
||||
28 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
29 | File | `administrator/index.php` | High
|
||||
30 | File | `ajax/render/widget_php` | High
|
||||
31 | File | `album_portal.php` | High
|
||||
32 | File | `api.php` | Low
|
||||
33 | ... | ... | ...
|
||||
5 | File | `/admin/lab.php` | High
|
||||
6 | File | `/admin/payment.php` | High
|
||||
7 | File | `/admin/show.php` | High
|
||||
8 | File | `/default.php?idx=17` | High
|
||||
9 | File | `/download` | Medium
|
||||
10 | File | `/forum/away.php` | High
|
||||
11 | File | `/index.php` | Medium
|
||||
12 | File | `/opt/bin/cli` | Medium
|
||||
13 | File | `/p` | Low
|
||||
14 | File | `/patient/doctors.php` | High
|
||||
15 | File | `/phpinventory/editcategory.php` | High
|
||||
16 | File | `/product-list.php` | High
|
||||
17 | File | `/spip.php` | Medium
|
||||
18 | File | `/uncpath/` | Medium
|
||||
19 | File | `/updown/upload.cgi` | High
|
||||
20 | File | `/user/del.php` | High
|
||||
21 | File | `/_next` | Low
|
||||
22 | File | `123flashchat.php` | High
|
||||
23 | File | `act.php` | Low
|
||||
24 | File | `admin/bad.php` | High
|
||||
25 | File | `admin/conf_users_edit.php` | High
|
||||
26 | File | `admin/dashboard.php` | High
|
||||
27 | File | `admin/index.php` | High
|
||||
28 | File | `admin/index.php/user/del/1` | High
|
||||
29 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
30 | File | `administrator/index.php` | High
|
||||
31 | File | `ajax/render/widget_php` | High
|
||||
32 | File | `album_portal.php` | High
|
||||
33 | File | `api.php` | Low
|
||||
34 | ... | ... | ...
|
||||
|
||||
There are 285 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 295 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_bi.netset
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_bi.netset
|
||||
|
||||
## Literature
|
||||
|
||||
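Review bot: The IOC rows in the `@ -21,15 +21,15` hunk list network base addresses as single IPs with confidence `High`, including `2.18.11.0`, whose hostname is `a2-18-11-0.deploy.static.akamaitechnologies.com`. The only sources under References are the two `country_bi` netsets, so these entries appear to be geolocation prefixes rather than hosts observed in an incident. The table also omits the prefix length, so a reader cannot tell how large a range each row stands for. Loaded into a blocklist or alert rule as-is, a row like the Akamai one would match shared CDN traffic. I would add a sentence under the table such as `Addresses ending in .0 are network prefixes from the country netsets under References; confidence refers to the country attribution, not to observed malicious activity.` The row `41.215.208.0` in the `@ -25,9 +25,10` hunk further down has the same form.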
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [DE](https://vuldb.com/?country.de)
|
||||
* ...
|
||||
|
||||
There are 13 more country items available. Please use our online service to access the data.
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
|
|
@ -10,10 +10,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [PT](https://vuldb.com/?country.pt)
|
||||
* [FR](https://vuldb.com/?country.fr)
|
||||
* ...
|
||||
|
||||
There are 16 more country items available. Please use our online service to access the data.
|
||||
There are 17 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -25,9 +25,10 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
2 | [5.62.62.72](https://vuldb.com/?ip.5.62.62.72) | r-72-62-62-5.consumer-pool.prcdn.net | - | High
|
||||
3 | [41.74.128.0](https://vuldb.com/?ip.41.74.128.0) | - | - | High
|
||||
4 | [41.79.124.0](https://vuldb.com/?ip.41.79.124.0) | - | - | High
|
||||
5 | ... | ... | ... | ...
|
||||
5 | [41.215.208.0](https://vuldb.com/?ip.41.215.208.0) | - | - | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 17 more IOC items available. Please use our online service to access the data.
|
||||
There are 21 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -54,46 +55,49 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `/acms/admin/cargo_types/manage_cargo_type.php` | High
|
||||
4 | File | `/admin/ajax/avatar.php` | High
|
||||
5 | File | `/admin/index.php` | High
|
||||
6 | File | `/admin/payment.php` | High
|
||||
7 | File | `/admin/show.php` | High
|
||||
8 | File | `/api/json/admin/getmailserversettings` | High
|
||||
9 | File | `/default.php?idx=17` | High
|
||||
10 | File | `/download` | Medium
|
||||
11 | File | `/forum/away.php` | High
|
||||
12 | File | `/home.php` | Medium
|
||||
13 | File | `/index.php` | Medium
|
||||
14 | File | `/opt/bin/cli` | Medium
|
||||
15 | File | `/p` | Low
|
||||
16 | File | `/patient/doctors.php` | High
|
||||
17 | File | `/phpinventory/editcategory.php` | High
|
||||
18 | File | `/product-list.php` | High
|
||||
19 | File | `/rest/api/2/user/picker` | High
|
||||
20 | File | `/RestAPI` | Medium
|
||||
21 | File | `/spip.php` | Medium
|
||||
22 | File | `/uncpath/` | Medium
|
||||
23 | File | `/updown/upload.cgi` | High
|
||||
24 | File | `/user/del.php` | High
|
||||
25 | File | `/_next` | Low
|
||||
26 | File | `123flashchat.php` | High
|
||||
27 | File | `act.php` | Low
|
||||
28 | File | `admin.php` | Medium
|
||||
29 | File | `admin/bad.php` | High
|
||||
30 | File | `admin/index.php` | High
|
||||
31 | File | `admin/index.php/user/del/1` | High
|
||||
32 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
33 | File | `administrator/index.php` | High
|
||||
34 | File | `affich.php` | Medium
|
||||
35 | File | `ajax/render/widget_php` | High
|
||||
36 | File | `album_portal.php` | High
|
||||
37 | ... | ... | ...
|
||||
6 | File | `/admin/lab.php` | High
|
||||
7 | File | `/admin/payment.php` | High
|
||||
8 | File | `/admin/show.php` | High
|
||||
9 | File | `/api/json/admin/getmailserversettings` | High
|
||||
10 | File | `/default.php?idx=17` | High
|
||||
11 | File | `/download` | Medium
|
||||
12 | File | `/forum/away.php` | High
|
||||
13 | File | `/home.php` | Medium
|
||||
14 | File | `/index.php` | Medium
|
||||
15 | File | `/opt/bin/cli` | Medium
|
||||
16 | File | `/p` | Low
|
||||
17 | File | `/patient/doctors.php` | High
|
||||
18 | File | `/phpinventory/editcategory.php` | High
|
||||
19 | File | `/product-list.php` | High
|
||||
20 | File | `/rest/api/2/user/picker` | High
|
||||
21 | File | `/RestAPI` | Medium
|
||||
22 | File | `/spip.php` | Medium
|
||||
23 | File | `/uncpath/` | Medium
|
||||
24 | File | `/updown/upload.cgi` | High
|
||||
25 | File | `/user/del.php` | High
|
||||
26 | File | `/_next` | Low
|
||||
27 | File | `123flashchat.php` | High
|
||||
28 | File | `act.php` | Low
|
||||
29 | File | `admin.php` | Medium
|
||||
30 | File | `admin/bad.php` | High
|
||||
31 | File | `admin/index.php` | High
|
||||
32 | File | `admin/index.php/user/del/1` | High
|
||||
33 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
34 | File | `administrator/index.php` | High
|
||||
35 | File | `affich.php` | Medium
|
||||
36 | File | `ajax/render/widget_php` | High
|
||||
37 | File | `album_portal.php` | High
|
||||
38 | File | `api.php` | Low
|
||||
39 | ... | ... | ...
|
||||
|
||||
There are 321 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 333 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_cv.netset
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_cv.netset
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
@ -9,8 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Cambodia Unknown:
|
||||
|
||||
* [KH](https://vuldb.com/?country.kh)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ID](https://vuldb.com/?country.id)
|
||||
* ...
|
||||
|
||||
There are 3 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -24,63 +27,75 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
4 | [5.62.62.64](https://vuldb.com/?ip.5.62.62.64) | r-64-62-62-5.consumer-pool.prcdn.net | - | High
|
||||
5 | [27.34.178.0](https://vuldb.com/?ip.27.34.178.0) | - | - | High
|
||||
6 | [27.34.178.64](https://vuldb.com/?ip.27.34.178.64) | - | - | High
|
||||
7 | [27.34.186.0](https://vuldb.com/?ip.27.34.186.0) | - | - | High
|
||||
8 | [27.34.186.2](https://vuldb.com/?ip.27.34.186.2) | - | - | High
|
||||
9 | [27.34.187.0](https://vuldb.com/?ip.27.34.187.0) | - | - | High
|
||||
10 | [27.34.187.32](https://vuldb.com/?ip.27.34.187.32) | - | - | High
|
||||
11 | [27.96.84.0](https://vuldb.com/?ip.27.96.84.0) | - | - | High
|
||||
12 | [27.109.112.0](https://vuldb.com/?ip.27.109.112.0) | - | - | High
|
||||
13 | [27.111.8.0](https://vuldb.com/?ip.27.111.8.0) | - | - | High
|
||||
14 | [27.116.60.0](https://vuldb.com/?ip.27.116.60.0) | - | - | High
|
||||
15 | [27.124.33.0](https://vuldb.com/?ip.27.124.33.0) | - | - | High
|
||||
16 | [27.124.34.0](https://vuldb.com/?ip.27.124.34.0) | - | - | High
|
||||
17 | [27.124.36.0](https://vuldb.com/?ip.27.124.36.0) | - | - | High
|
||||
18 | [27.124.40.0](https://vuldb.com/?ip.27.124.40.0) | - | - | High
|
||||
19 | [34.98.224.0](https://vuldb.com/?ip.34.98.224.0) | 0.224.98.34.bc.googleusercontent.com | - | Medium
|
||||
20 | [34.98.240.0](https://vuldb.com/?ip.34.98.240.0) | 0.240.98.34.bc.googleusercontent.com | - | Medium
|
||||
21 | [34.103.0.0](https://vuldb.com/?ip.34.103.0.0) | 0.0.103.34.bc.googleusercontent.com | - | Medium
|
||||
22 | [36.37.128.0](https://vuldb.com/?ip.36.37.128.0) | metfone.com.kh | - | High
|
||||
23 | [36.255.144.0](https://vuldb.com/?ip.36.255.144.0) | - | - | High
|
||||
24 | [42.115.0.0](https://vuldb.com/?ip.42.115.0.0) | - | - | High
|
||||
25 | [43.226.12.0](https://vuldb.com/?ip.43.226.12.0) | - | - | High
|
||||
26 | [43.230.60.0](https://vuldb.com/?ip.43.230.60.0) | - | - | High
|
||||
27 | [43.230.192.0](https://vuldb.com/?ip.43.230.192.0) | - | - | High
|
||||
28 | [43.231.64.0](https://vuldb.com/?ip.43.231.64.0) | - | - | High
|
||||
29 | [43.245.32.0](https://vuldb.com/?ip.43.245.32.0) | - | - | High
|
||||
30 | [43.245.200.0](https://vuldb.com/?ip.43.245.200.0) | - | - | High
|
||||
31 | [43.245.216.0](https://vuldb.com/?ip.43.245.216.0) | - | - | High
|
||||
32 | [43.252.16.0](https://vuldb.com/?ip.43.252.16.0) | - | - | High
|
||||
33 | [43.252.80.0](https://vuldb.com/?ip.43.252.80.0) | - | - | High
|
||||
34 | [43.255.112.0](https://vuldb.com/?ip.43.255.112.0) | - | - | High
|
||||
35 | [45.12.70.118](https://vuldb.com/?ip.45.12.70.118) | device-despite.yourbandinc.com | - | High
|
||||
36 | [45.12.71.118](https://vuldb.com/?ip.45.12.71.118) | - | - | High
|
||||
37 | [45.59.146.0](https://vuldb.com/?ip.45.59.146.0) | - | - | High
|
||||
38 | [45.64.124.0](https://vuldb.com/?ip.45.64.124.0) | - | - | High
|
||||
39 | [45.112.44.0](https://vuldb.com/?ip.45.112.44.0) | - | - | High
|
||||
40 | [45.114.160.0](https://vuldb.com/?ip.45.114.160.0) | - | - | High
|
||||
41 | [45.115.80.0](https://vuldb.com/?ip.45.115.80.0) | - | - | High
|
||||
42 | [45.115.180.0](https://vuldb.com/?ip.45.115.180.0) | - | - | High
|
||||
43 | [45.115.208.0](https://vuldb.com/?ip.45.115.208.0) | - | - | High
|
||||
44 | [45.118.76.0](https://vuldb.com/?ip.45.118.76.0) | - | - | High
|
||||
45 | [45.121.236.0](https://vuldb.com/?ip.45.121.236.0) | akctv.com | - | High
|
||||
46 | [45.127.152.0](https://vuldb.com/?ip.45.127.152.0) | - | - | High
|
||||
47 | [45.250.236.0](https://vuldb.com/?ip.45.250.236.0) | - | - | High
|
||||
48 | [46.244.29.64](https://vuldb.com/?ip.46.244.29.64) | - | - | High
|
||||
49 | [49.156.0.0](https://vuldb.com/?ip.49.156.0.0) | - | - | High
|
||||
50 | [49.156.32.0](https://vuldb.com/?ip.49.156.32.0) | - | - | High
|
||||
51 | [64.64.121.64](https://vuldb.com/?ip.64.64.121.64) | - | - | High
|
||||
52 | [66.102.33.0](https://vuldb.com/?ip.66.102.33.0) | - | - | High
|
||||
53 | [81.161.239.0](https://vuldb.com/?ip.81.161.239.0) | - | - | High
|
||||
54 | [83.172.62.0](https://vuldb.com/?ip.83.172.62.0) | - | - | High
|
||||
55 | [85.209.176.0](https://vuldb.com/?ip.85.209.176.0) | - | - | High
|
||||
56 | [87.247.160.0](https://vuldb.com/?ip.87.247.160.0) | - | - | High
|
||||
57 | [96.9.64.0](https://vuldb.com/?ip.96.9.64.0) | - | - | High
|
||||
58 | [102.129.232.0](https://vuldb.com/?ip.102.129.232.0) | - | - | High
|
||||
59 | [103.5.124.0](https://vuldb.com/?ip.103.5.124.0) | - | - | High
|
||||
60 | [103.5.230.0](https://vuldb.com/?ip.103.5.230.0) | - | - | High
|
||||
61 | ... | ... | ... | ...
|
||||
7 | [27.34.183.0](https://vuldb.com/?ip.27.34.183.0) | - | - | High
|
||||
8 | [27.34.186.0](https://vuldb.com/?ip.27.34.186.0) | - | - | High
|
||||
9 | [27.34.186.2](https://vuldb.com/?ip.27.34.186.2) | - | - | High
|
||||
10 | [27.34.187.0](https://vuldb.com/?ip.27.34.187.0) | - | - | High
|
||||
11 | [27.34.187.32](https://vuldb.com/?ip.27.34.187.32) | - | - | High
|
||||
12 | [27.34.189.0](https://vuldb.com/?ip.27.34.189.0) | - | - | High
|
||||
13 | [27.96.84.0](https://vuldb.com/?ip.27.96.84.0) | - | - | High
|
||||
14 | [27.109.112.0](https://vuldb.com/?ip.27.109.112.0) | - | - | High
|
||||
15 | [27.111.8.0](https://vuldb.com/?ip.27.111.8.0) | - | - | High
|
||||
16 | [27.116.60.0](https://vuldb.com/?ip.27.116.60.0) | - | - | High
|
||||
17 | [27.124.33.0](https://vuldb.com/?ip.27.124.33.0) | - | - | High
|
||||
18 | [27.124.34.0](https://vuldb.com/?ip.27.124.34.0) | - | - | High
|
||||
19 | [27.124.36.0](https://vuldb.com/?ip.27.124.36.0) | - | - | High
|
||||
20 | [27.124.40.0](https://vuldb.com/?ip.27.124.40.0) | - | - | High
|
||||
21 | [34.98.224.0](https://vuldb.com/?ip.34.98.224.0) | 0.224.98.34.bc.googleusercontent.com | - | Medium
|
||||
22 | [34.98.240.0](https://vuldb.com/?ip.34.98.240.0) | 0.240.98.34.bc.googleusercontent.com | - | Medium
|
||||
23 | [34.103.0.0](https://vuldb.com/?ip.34.103.0.0) | 0.0.103.34.bc.googleusercontent.com | - | Medium
|
||||
24 | [36.37.128.0](https://vuldb.com/?ip.36.37.128.0) | metfone.com.kh | - | High
|
||||
25 | [36.255.144.0](https://vuldb.com/?ip.36.255.144.0) | - | - | High
|
||||
26 | [42.115.0.0](https://vuldb.com/?ip.42.115.0.0) | - | - | High
|
||||
27 | [43.129.36.175](https://vuldb.com/?ip.43.129.36.175) | - | - | High
|
||||
28 | [43.129.41.169](https://vuldb.com/?ip.43.129.41.169) | - | - | High
|
||||
29 | [43.226.12.0](https://vuldb.com/?ip.43.226.12.0) | - | - | High
|
||||
30 | [43.230.60.0](https://vuldb.com/?ip.43.230.60.0) | - | - | High
|
||||
31 | [43.230.192.0](https://vuldb.com/?ip.43.230.192.0) | - | - | High
|
||||
32 | [43.231.64.0](https://vuldb.com/?ip.43.231.64.0) | - | - | High
|
||||
33 | [43.231.220.0](https://vuldb.com/?ip.43.231.220.0) | iZxeQl5zBqI.IC849Y21.ayApslN-TlHo.iNFO | - | High
|
||||
34 | [43.245.32.0](https://vuldb.com/?ip.43.245.32.0) | - | - | High
|
||||
35 | [43.245.200.0](https://vuldb.com/?ip.43.245.200.0) | - | - | High
|
||||
36 | [43.245.216.0](https://vuldb.com/?ip.43.245.216.0) | - | - | High
|
||||
37 | [43.250.228.0](https://vuldb.com/?ip.43.250.228.0) | - | - | High
|
||||
38 | [43.252.16.0](https://vuldb.com/?ip.43.252.16.0) | - | - | High
|
||||
39 | [43.252.80.0](https://vuldb.com/?ip.43.252.80.0) | - | - | High
|
||||
40 | [43.255.112.0](https://vuldb.com/?ip.43.255.112.0) | - | - | High
|
||||
41 | [45.12.70.118](https://vuldb.com/?ip.45.12.70.118) | device-despite.yourbandinc.com | - | High
|
||||
42 | [45.12.71.118](https://vuldb.com/?ip.45.12.71.118) | - | - | High
|
||||
43 | [45.59.146.0](https://vuldb.com/?ip.45.59.146.0) | - | - | High
|
||||
44 | [45.64.124.0](https://vuldb.com/?ip.45.64.124.0) | - | - | High
|
||||
45 | [45.112.44.0](https://vuldb.com/?ip.45.112.44.0) | - | - | High
|
||||
46 | [45.114.160.0](https://vuldb.com/?ip.45.114.160.0) | - | - | High
|
||||
47 | [45.115.80.0](https://vuldb.com/?ip.45.115.80.0) | - | - | High
|
||||
48 | [45.115.180.0](https://vuldb.com/?ip.45.115.180.0) | - | - | High
|
||||
49 | [45.115.208.0](https://vuldb.com/?ip.45.115.208.0) | - | - | High
|
||||
50 | [45.118.76.0](https://vuldb.com/?ip.45.118.76.0) | - | - | High
|
||||
51 | [45.121.236.0](https://vuldb.com/?ip.45.121.236.0) | akctv.com | - | High
|
||||
52 | [45.127.152.0](https://vuldb.com/?ip.45.127.152.0) | - | - | High
|
||||
53 | [45.201.128.0](https://vuldb.com/?ip.45.201.128.0) | - | - | High
|
||||
54 | [45.201.192.0](https://vuldb.com/?ip.45.201.192.0) | - | - | High
|
||||
55 | [45.201.208.0](https://vuldb.com/?ip.45.201.208.0) | - | - | High
|
||||
56 | [45.201.212.0](https://vuldb.com/?ip.45.201.212.0) | - | - | High
|
||||
57 | [45.250.236.0](https://vuldb.com/?ip.45.250.236.0) | - | - | High
|
||||
58 | [46.244.29.64](https://vuldb.com/?ip.46.244.29.64) | - | - | High
|
||||
59 | [49.156.0.0](https://vuldb.com/?ip.49.156.0.0) | - | - | High
|
||||
60 | [49.156.32.0](https://vuldb.com/?ip.49.156.32.0) | - | - | High
|
||||
61 | [57.72.80.0](https://vuldb.com/?ip.57.72.80.0) | - | - | High
|
||||
62 | [57.92.80.0](https://vuldb.com/?ip.57.92.80.0) | - | - | High
|
||||
63 | [58.97.192.0](https://vuldb.com/?ip.58.97.192.0) | - | - | High
|
||||
64 | [58.97.224.0](https://vuldb.com/?ip.58.97.224.0) | - | - | High
|
||||
65 | [64.64.121.64](https://vuldb.com/?ip.64.64.121.64) | - | - | High
|
||||
66 | [66.102.33.0](https://vuldb.com/?ip.66.102.33.0) | - | - | High
|
||||
67 | [81.161.239.0](https://vuldb.com/?ip.81.161.239.0) | - | - | High
|
||||
68 | [83.172.62.0](https://vuldb.com/?ip.83.172.62.0) | - | - | High
|
||||
69 | [85.209.176.0](https://vuldb.com/?ip.85.209.176.0) | - | - | High
|
||||
70 | [87.247.160.0](https://vuldb.com/?ip.87.247.160.0) | - | - | High
|
||||
71 | [93.114.14.0](https://vuldb.com/?ip.93.114.14.0) | - | - | High
|
||||
72 | [96.9.64.0](https://vuldb.com/?ip.96.9.64.0) | - | - | High
|
||||
73 | ... | ... | ... | ...
|
||||
|
||||
There are 241 more IOC items available. Please use our online service to access the data.
|
||||
There are 288 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -89,11 +104,11 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
3 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 9 more TTP items available. Please use our online service to access the data.
|
||||
There are 10 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -102,25 +117,29 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin/AddNewCity/Add_City` | High
|
||||
2 | File | `/food/admin/all_users.php` | High
|
||||
3 | File | `/forum/away.php` | High
|
||||
4 | File | `/mkshop/Men/profile.php` | High
|
||||
5 | File | `/modules/profile/index.php` | High
|
||||
6 | File | `/nova/bin/console` | High
|
||||
7 | File | `/out.php` | Medium
|
||||
8 | File | `/spip.php` | Medium
|
||||
9 | File | `/uncpath/` | Medium
|
||||
10 | File | `adclick.php` | Medium
|
||||
11 | File | `addentry.php` | Medium
|
||||
12 | ... | ... | ...
|
||||
2 | File | `/admin/subnets/ripe-query.php` | High
|
||||
3 | File | `/food/admin/all_users.php` | High
|
||||
4 | File | `/forum/away.php` | High
|
||||
5 | File | `/mkshop/Men/profile.php` | High
|
||||
6 | File | `/modules/profile/index.php` | High
|
||||
7 | File | `/nova/bin/console` | High
|
||||
8 | File | `/out.php` | Medium
|
||||
9 | File | `/spip.php` | Medium
|
||||
10 | File | `/uncpath/` | Medium
|
||||
11 | File | `/usr/bin/pkexec` | High
|
||||
12 | File | `adclick.php` | Medium
|
||||
13 | File | `addentry.php` | Medium
|
||||
14 | ... | ... | ...
|
||||
|
||||
There are 89 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 108 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_kh.netset
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_kh.netset
|
||||
* https://go.recordedfuture.com/hubfs/reports/cta-2021-1208.pdf
|
||||
|
||||
## Literature
|
||||
|
||||
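Review bot: The IOC table in this section lists mostly addresses ending in `.0` (e.g. `27.34.178.0`, `43.245.32.0`) with no prefix length, and the References point to the `country_kh.netset` files, so these look like country-level network ranges rather than single hosts seen in attacks; that reading is inferred from the visible rows. Without the range size a consumer can neither match traffic against an entry nor judge how broad a block on it would be. If the reading is right, I would add a prefix-length column, or at least one sentence before the table: `Addresses ending in .0 denote network ranges taken from country allocation lists, not individual hosts.` The Cameroon section that follows (`country_cm.netset`) has the same shape.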
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 16 more country items available. Please use our online service to access the data.
|
||||
There are 17 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -21,21 +21,27 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
|
|||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [5.62.60.68](https://vuldb.com/?ip.5.62.60.68) | r-68-60-62-5.consumer-pool.prcdn.net | - | High
|
||||
2 | [5.62.62.68](https://vuldb.com/?ip.5.62.62.68) | r-68-62-62-5.consumer-pool.prcdn.net | - | High
|
||||
3 | [41.67.192.0](https://vuldb.com/?ip.41.67.192.0) | - | - | High
|
||||
4 | [41.77.80.0](https://vuldb.com/?ip.41.77.80.0) | - | - | High
|
||||
5 | [41.77.208.0](https://vuldb.com/?ip.41.77.208.0) | - | - | High
|
||||
6 | [41.78.97.10](https://vuldb.com/?ip.41.78.97.10) | - | - | High
|
||||
7 | [41.78.204.0](https://vuldb.com/?ip.41.78.204.0) | - | - | High
|
||||
8 | [41.79.128.0](https://vuldb.com/?ip.41.79.128.0) | - | - | High
|
||||
9 | [41.92.128.0](https://vuldb.com/?ip.41.92.128.0) | - | - | High
|
||||
10 | [41.190.224.0](https://vuldb.com/?ip.41.190.224.0) | - | - | High
|
||||
11 | [41.191.100.0](https://vuldb.com/?ip.41.191.100.0) | - | - | High
|
||||
12 | [41.202.192.0](https://vuldb.com/?ip.41.202.192.0) | - | - | High
|
||||
13 | ... | ... | ... | ...
|
||||
1 | [2.16.134.0](https://vuldb.com/?ip.2.16.134.0) | a2-16-134-0.deploy.static.akamaitechnologies.com | - | High
|
||||
2 | [5.62.60.68](https://vuldb.com/?ip.5.62.60.68) | r-68-60-62-5.consumer-pool.prcdn.net | - | High
|
||||
3 | [5.62.62.68](https://vuldb.com/?ip.5.62.62.68) | r-68-62-62-5.consumer-pool.prcdn.net | - | High
|
||||
4 | [41.67.192.0](https://vuldb.com/?ip.41.67.192.0) | - | - | High
|
||||
5 | [41.67.224.0](https://vuldb.com/?ip.41.67.224.0) | - | - | High
|
||||
6 | [41.77.80.0](https://vuldb.com/?ip.41.77.80.0) | - | - | High
|
||||
7 | [41.77.208.0](https://vuldb.com/?ip.41.77.208.0) | - | - | High
|
||||
8 | [41.78.97.10](https://vuldb.com/?ip.41.78.97.10) | - | - | High
|
||||
9 | [41.78.204.0](https://vuldb.com/?ip.41.78.204.0) | - | - | High
|
||||
10 | [41.79.128.0](https://vuldb.com/?ip.41.79.128.0) | - | - | High
|
||||
11 | [41.92.128.0](https://vuldb.com/?ip.41.92.128.0) | - | - | High
|
||||
12 | [41.92.152.0](https://vuldb.com/?ip.41.92.152.0) | host-0-152-92.newtelnet.info | - | High
|
||||
13 | [41.92.176.0](https://vuldb.com/?ip.41.92.176.0) | - | - | High
|
||||
14 | [41.92.184.0](https://vuldb.com/?ip.41.92.184.0) | host-0-184-92.newtelnet.info | - | High
|
||||
15 | [41.92.200.0](https://vuldb.com/?ip.41.92.200.0) | host-0-200-92.newtelnet.info | - | High
|
||||
16 | [41.92.208.0](https://vuldb.com/?ip.41.92.208.0) | host-0-208-92.newtelnet.info | - | High
|
||||
17 | [41.92.224.0](https://vuldb.com/?ip.41.92.224.0) | host-0-224-92.newtelnet.info | - | High
|
||||
18 | [41.92.248.0](https://vuldb.com/?ip.41.92.248.0) | host-0-248-92.newtelnet.info | - | High
|
||||
19 | ... | ... | ... | ...
|
||||
|
||||
There are 48 more IOC items available. Please use our online service to access the data.
|
||||
There are 70 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -61,44 +67,46 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/acms/admin/cargo_types/manage_cargo_type.php` | High
|
||||
3 | File | `/admin/ajax/avatar.php` | High
|
||||
4 | File | `/admin/index.php` | High
|
||||
5 | File | `/admin/payment.php` | High
|
||||
6 | File | `/admin/show.php` | High
|
||||
7 | File | `/default.php?idx=17` | High
|
||||
8 | File | `/download` | Medium
|
||||
9 | File | `/etc/shadow` | Medium
|
||||
10 | File | `/forum/away.php` | High
|
||||
11 | File | `/index.php` | Medium
|
||||
12 | File | `/opt/bin/cli` | Medium
|
||||
13 | File | `/p` | Low
|
||||
14 | File | `/patient/doctors.php` | High
|
||||
15 | File | `/phpinventory/editcategory.php` | High
|
||||
16 | File | `/product-list.php` | High
|
||||
17 | File | `/spip.php` | Medium
|
||||
18 | File | `/uncpath/` | Medium
|
||||
19 | File | `/updown/upload.cgi` | High
|
||||
20 | File | `/user/del.php` | High
|
||||
21 | File | `/_next` | Low
|
||||
22 | File | `123flashchat.php` | High
|
||||
23 | File | `act.php` | Low
|
||||
24 | File | `admin.jcomments.php` | High
|
||||
25 | File | `admin/bad.php` | High
|
||||
26 | File | `admin/index.php` | High
|
||||
27 | File | `admin/index.php/user/del/1` | High
|
||||
28 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
29 | File | `administrator/index.php` | High
|
||||
30 | File | `ajax/render/widget_php` | High
|
||||
31 | File | `album_portal.php` | High
|
||||
32 | File | `AoWinAgt` | Medium
|
||||
33 | File | `api.php` | Low
|
||||
34 | ... | ... | ...
|
||||
5 | File | `/admin/lab.php` | High
|
||||
6 | File | `/admin/payment.php` | High
|
||||
7 | File | `/admin/show.php` | High
|
||||
8 | File | `/default.php?idx=17` | High
|
||||
9 | File | `/download` | Medium
|
||||
10 | File | `/etc/shadow` | Medium
|
||||
11 | File | `/forum/away.php` | High
|
||||
12 | File | `/index.php` | Medium
|
||||
13 | File | `/opt/bin/cli` | Medium
|
||||
14 | File | `/p` | Low
|
||||
15 | File | `/patient/doctors.php` | High
|
||||
16 | File | `/phpinventory/editcategory.php` | High
|
||||
17 | File | `/product-list.php` | High
|
||||
18 | File | `/spip.php` | Medium
|
||||
19 | File | `/uncpath/` | Medium
|
||||
20 | File | `/updown/upload.cgi` | High
|
||||
21 | File | `/user/del.php` | High
|
||||
22 | File | `/_next` | Low
|
||||
23 | File | `123flashchat.php` | High
|
||||
24 | File | `act.php` | Low
|
||||
25 | File | `admin.jcomments.php` | High
|
||||
26 | File | `admin/bad.php` | High
|
||||
27 | File | `admin/index.php` | High
|
||||
28 | File | `admin/index.php/user/del/1` | High
|
||||
29 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
30 | File | `administrator/index.php` | High
|
||||
31 | File | `ajax/render/widget_php` | High
|
||||
32 | File | `album_portal.php` | High
|
||||
33 | File | `AoWinAgt` | Medium
|
||||
34 | File | `api.php` | Low
|
||||
35 | ... | ... | ...
|
||||
|
||||
There are 288 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 302 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_cm.netset
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_cm.netset
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 29 more country items available. Please use our online service to access the data.
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -3210,14 +3210,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-28 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | T1068 | CWE-250, CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
|
||||
6 | ... | ... | ... | ...
|
||||
1 | T1006 | CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -3225,52 +3223,40 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.github/workflows/combine-prs.yml` | High
|
||||
2 | File | `/admin/api/admin/articles/` | High
|
||||
3 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
4 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
5 | File | `/api/common/ping` | High
|
||||
6 | File | `/api/v2/open/tablesInfo` | High
|
||||
7 | File | `/attachments` | Medium
|
||||
8 | File | `/bin/httpd` | Medium
|
||||
9 | File | `/bsms_ci/index.php/book` | High
|
||||
10 | File | `/cgi-bin/webadminget.cgi` | High
|
||||
11 | File | `/Default/Bd` | Medium
|
||||
12 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
13 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
14 | File | `/etc/hosts` | Medium
|
||||
15 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
16 | File | `/forum/away.php` | High
|
||||
17 | File | `/forum/PostPrivateMessage` | High
|
||||
18 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
19 | File | `/fos/admin/index.php?page=menu` | High
|
||||
20 | File | `/home/masterConsole` | High
|
||||
21 | File | `/home/sendBroadcast` | High
|
||||
22 | File | `/hrm/controller/employee.php` | High
|
||||
23 | File | `/hrm/employeeadd.php` | High
|
||||
24 | File | `/hrm/employeeview.php` | High
|
||||
25 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
26 | File | `/lookin/info` | Medium
|
||||
27 | File | `/medicines/profile.php` | High
|
||||
28 | File | `/php-fusion/infusions/shoutbox_panel/shoutbox_archive.php` | High
|
||||
29 | File | `/product/savenewproduct.php?flag=1` | High
|
||||
30 | File | `/proxy` | Low
|
||||
31 | File | `/reports/rwservlet` | High
|
||||
32 | File | `/services/Card/findUser` | High
|
||||
33 | File | `/spip.php` | Medium
|
||||
34 | File | `/tmp` | Low
|
||||
35 | File | `/uncpath/` | Medium
|
||||
36 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
37 | File | `/view-property.php` | High
|
||||
38 | File | `/wireless/security.asp` | High
|
||||
39 | File | `01article.php` | High
|
||||
40 | File | `AbstractScheduleJob.java` | High
|
||||
41 | File | `action.php` | Medium
|
||||
42 | File | `actionphp/download.File.php` | High
|
||||
43 | File | `ActivityRecord.java` | High
|
||||
44 | ... | ... | ...
|
||||
1 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
2 | File | `/admin/` | Low
|
||||
3 | File | `/admin/?page=user/manage` | High
|
||||
4 | File | `/admin/add-new.php` | High
|
||||
5 | File | `/admin/doctors.php` | High
|
||||
6 | File | `/alphaware/summary.php` | High
|
||||
7 | File | `/APR/login.php` | High
|
||||
8 | File | `/APR/signup.php` | High
|
||||
9 | File | `/boat/login.php` | High
|
||||
10 | File | `/cgi-bin/wapopen` | High
|
||||
11 | File | `/debug/pprof` | Medium
|
||||
12 | File | `/forum/away.php` | High
|
||||
13 | File | `/mims/login.php` | High
|
||||
14 | File | `/out.php` | Medium
|
||||
15 | File | `/php-scrm/login.php` | High
|
||||
16 | File | `/public/launchNewWindow.jsp` | High
|
||||
17 | File | `/reservation/add_message.php` | High
|
||||
18 | File | `/spip.php` | Medium
|
||||
19 | File | `/textpattern/index.php` | High
|
||||
20 | File | `/tmp` | Low
|
||||
21 | File | `/video-sharing-script/watch-video.php` | High
|
||||
22 | File | `account-signup.php` | High
|
||||
23 | File | `account/signup.php` | High
|
||||
24 | File | `AcquisiAction.class.php` | High
|
||||
25 | File | `activenews_view.asp` | High
|
||||
26 | File | `adclick.php` | Medium
|
||||
27 | File | `addentry.php` | Medium
|
||||
28 | File | `admin.php` | Medium
|
||||
29 | File | `admin/?page=students/view_student` | High
|
||||
30 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
31 | File | `admin/admin_editor.php` | High
|
||||
32 | ... | ... | ...
|
||||
|
||||
There are 382 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 271 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -91,9 +91,10 @@ ID | Type | Indicator | Confidence
|
|||
30 | File | `/librarian/lab.php` | High
|
||||
31 | File | `/login` | Low
|
||||
32 | File | `/mngset/authset` | High
|
||||
33 | ... | ... | ...
|
||||
33 | File | `/nova/bin/sniffer` | High
|
||||
34 | ... | ... | ...
|
||||
|
||||
There are 285 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 289 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -0,0 +1,69 @@
|
|||
# CapraRAT - Cyber Threat Intelligence
|
||||
|
||||
These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [CapraRAT](https://vuldb.com/?actor.caprarat). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
|
||||
|
||||
_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.caprarat](https://vuldb.com/?actor.caprarat)
|
||||
|
||||
## Countries
|
||||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with CapraRAT:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [ID](https://vuldb.com/?country.id)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of CapraRAT.
|
||||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [34.102.136.180](https://vuldb.com/?ip.34.102.136.180) | 180.136.102.34.bc.googleusercontent.com | - | Medium
|
||||
2 | [66.235.175.91](https://vuldb.com/?ip.66.235.175.91) | - | - | High
|
||||
3 | [194.233.70.54](https://vuldb.com/?ip.194.233.70.54) | vmi1131302.contaboserver.net | - | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 1 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _CapraRAT_. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
2 | T1068 | CWE-264 | Execution with Unnecessary Privileges | High
|
||||
3 | T1202 | CWE-78 | Command Injection | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 2 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by CapraRAT. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/edit-db.php` | Medium
|
||||
2 | File | `admin/ueditor/uploadFile` | High
|
||||
3 | Argument | `href` | Low
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 1 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://www.welivesecurity.com/2023/03/07/love-scam-espionage-transparent-tribe-lures-indian-pakistani-officials/
|
||||
|
||||
## Literature
|
||||
|
||||
The following _articles_ explain our unique predictive cyber threat intelligence:
|
||||
|
||||
* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
|
||||
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
|
||||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
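Review bot: IOC row 1 of the new CapraRAT file, `34.102.136.180`, carries the hostname `180.136.102.34.bc.googleusercontent.com`, so it sits in a cloud provider's address pool and is probably shared with unrelated tenants, yet nothing in the file warns against loading it into a blocklist as-is. I would add a line under the IOC table such as `Entries rated Medium or lower may be on shared hosting; correlate with other indicators before blocking.` The same caution fits the IOA rows, where `href` (Low) and `/edit-db.php` (Medium) are too generic to alert on alone. Minor wording: `There are 1 more IOC items available` should read `There is 1 more IOC item available`, and likewise for the IOA line.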
|
|
@ -104,31 +104,32 @@ ID | Type | Indicator | Confidence
|
|||
14 | File | `/login/index.php` | High
|
||||
15 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
16 | File | `/owa/auth/logon.aspx` | High
|
||||
17 | File | `/phppath/php` | Medium
|
||||
18 | File | `/proc/self/exe` | High
|
||||
19 | File | `/public/login.htm` | High
|
||||
20 | File | `/server-info` | Medium
|
||||
21 | File | `/server-status` | High
|
||||
22 | File | `/uncpath/` | Medium
|
||||
23 | File | `/user/jobmanage.php` | High
|
||||
24 | File | `/user/zs_elite.php` | High
|
||||
25 | File | `/usr/bin/enq` | Medium
|
||||
26 | File | `/web/jquery/uploader/multi_uploadify.php` | High
|
||||
27 | File | `/wp-admin/admin-ajax.php` | High
|
||||
28 | File | `/wp-content/plugins/updraftplus/admin.php` | High
|
||||
29 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
30 | File | `/zhndnsdisplay.cmd` | High
|
||||
31 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
32 | File | `about.php` | Medium
|
||||
33 | File | `acl.c` | Low
|
||||
34 | File | `adclick.php` | Medium
|
||||
35 | File | `add_comment.php` | High
|
||||
36 | File | `add_vhost.php` | High
|
||||
37 | File | `admin.php` | Medium
|
||||
38 | File | `admin/conf_users_edit.php` | High
|
||||
39 | ... | ... | ...
|
||||
17 | File | `/php-sms/classes/SystemSettings.php` | High
|
||||
18 | File | `/phppath/php` | Medium
|
||||
19 | File | `/proc/self/exe` | High
|
||||
20 | File | `/public/login.htm` | High
|
||||
21 | File | `/server-info` | Medium
|
||||
22 | File | `/server-status` | High
|
||||
23 | File | `/shell` | Low
|
||||
24 | File | `/uncpath/` | Medium
|
||||
25 | File | `/user/jobmanage.php` | High
|
||||
26 | File | `/user/zs_elite.php` | High
|
||||
27 | File | `/usr/bin/enq` | Medium
|
||||
28 | File | `/web/jquery/uploader/multi_uploadify.php` | High
|
||||
29 | File | `/wp-admin/admin-ajax.php` | High
|
||||
30 | File | `/wp-content/plugins/updraftplus/admin.php` | High
|
||||
31 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
32 | File | `/zhndnsdisplay.cmd` | High
|
||||
33 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
34 | File | `about.php` | Medium
|
||||
35 | File | `acl.c` | Low
|
||||
36 | File | `adclick.php` | Medium
|
||||
37 | File | `add_comment.php` | High
|
||||
38 | File | `add_vhost.php` | High
|
||||
39 | File | `admin.php` | Medium
|
||||
40 | ... | ... | ...
|
||||
|
||||
There are 337 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 348 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
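Review bot: The row that appears to be added as `23 | File | /shell | Low` is a generic path fragment that also occurs in ordinary traffic, and nothing under the table says how a Low-confidence entry should be used. The +/- markers are lost on this page, so the side is inferred from the hunk header counts. A short line below the table would help defenders, for example `Entries marked Low are generic fragments; correlate them with the IOC addresses or other indicators before alerting on them.` The same applies to `/api/`, `/tmp` and `/upload`, which appear to be added in the later `-78,37 +78,45` hunk.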
|
|
|
@ -31,9 +31,12 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
8 | [63.136.112.0](https://vuldb.com/?ip.63.136.112.0) | - | - | High
|
||||
9 | [63.251.158.0](https://vuldb.com/?ip.63.251.158.0) | - | - | High
|
||||
10 | [64.94.58.0](https://vuldb.com/?ip.64.94.58.0) | - | - | High
|
||||
11 | ... | ... | ... | ...
|
||||
11 | [64.94.61.0](https://vuldb.com/?ip.64.94.61.0) | - | - | High
|
||||
12 | [64.94.63.0](https://vuldb.com/?ip.64.94.63.0) | - | - | High
|
||||
13 | [64.96.0.0](https://vuldb.com/?ip.64.96.0.0) | - | - | High
|
||||
14 | ... | ... | ... | ...
|
||||
|
||||
There are 40 more IOC items available. Please use our online service to access the data.
|
||||
There are 51 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -99,27 +102,28 @@ ID | Type | Indicator | Confidence
|
|||
42 | File | `admin/param/param_func.inc.php` | High
|
||||
43 | File | `admin/y_admin.asp` | High
|
||||
44 | File | `adminer.php` | Medium
|
||||
45 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
46 | File | `admin_ok.asp` | Medium
|
||||
47 | File | `affich.php` | Medium
|
||||
48 | File | `album_portal.php` | High
|
||||
49 | File | `al_initialize.php` | High
|
||||
50 | File | `app/Core/Paginator.php` | High
|
||||
51 | File | `app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1` | High
|
||||
52 | File | `artlinks.dispnew.php` | High
|
||||
53 | File | `auth.php` | Medium
|
||||
54 | File | `bin/named/query.c` | High
|
||||
55 | File | `blank.php` | Medium
|
||||
56 | File | `blocklayered-ajax.php` | High
|
||||
45 | File | `administration/admins.php` | High
|
||||
46 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
47 | File | `admin_ok.asp` | Medium
|
||||
48 | File | `affich.php` | Medium
|
||||
49 | File | `album_portal.php` | High
|
||||
50 | File | `al_initialize.php` | High
|
||||
51 | File | `app/Core/Paginator.php` | High
|
||||
52 | File | `app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1` | High
|
||||
53 | File | `artlinks.dispnew.php` | High
|
||||
54 | File | `auth.php` | Medium
|
||||
55 | File | `bin/named/query.c` | High
|
||||
56 | File | `blank.php` | Medium
|
||||
57 | ... | ... | ...
|
||||
|
||||
There are 498 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 499 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_ky.netset
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_ky.netset
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
@ -54,12 +54,12 @@ ID | Type | Indicator | Confidence
|
|||
4 | File | `/forum/away.php` | High
|
||||
5 | File | `/horde/util/go.php` | High
|
||||
6 | File | `/SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_charger.c` | High
|
||||
7 | File | `/webapps/Bb-sites-user-profile-BBLEARN/profile.form` | High
|
||||
8 | File | `/wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php` | High
|
||||
9 | File | `action/addproject.php` | High
|
||||
7 | File | `/spip.php` | Medium
|
||||
8 | File | `/webapps/Bb-sites-user-profile-BBLEARN/profile.form` | High
|
||||
9 | File | `/wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php` | High
|
||||
10 | ... | ... | ...
|
||||
|
||||
There are 76 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 79 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -25,9 +25,11 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
2 | [5.62.62.76](https://vuldb.com/?ip.5.62.62.76) | r-76-62-62-5.consumer-pool.prcdn.net | - | High
|
||||
3 | [41.78.120.0](https://vuldb.com/?ip.41.78.120.0) | - | - | High
|
||||
4 | [41.223.184.0](https://vuldb.com/?ip.41.223.184.0) | - | - | High
|
||||
5 | ... | ... | ... | ...
|
||||
5 | [45.12.70.41](https://vuldb.com/?ip.45.12.70.41) | venture-case.get-eye.com | - | High
|
||||
6 | [45.12.71.41](https://vuldb.com/?ip.45.12.71.41) | - | - | High
|
||||
7 | ... | ... | ... | ...
|
||||
|
||||
There are 17 more IOC items available. Please use our online service to access the data.
|
||||
There are 23 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -52,43 +54,45 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/acms/admin/cargo_types/manage_cargo_type.php` | High
|
||||
3 | File | `/admin/ajax/avatar.php` | High
|
||||
4 | File | `/admin/index.php` | High
|
||||
5 | File | `/admin/payment.php` | High
|
||||
6 | File | `/admin/show.php` | High
|
||||
7 | File | `/default.php?idx=17` | High
|
||||
8 | File | `/download` | Medium
|
||||
9 | File | `/forum/away.php` | High
|
||||
10 | File | `/index.php` | Medium
|
||||
11 | File | `/opt/bin/cli` | Medium
|
||||
12 | File | `/outgoing.php` | High
|
||||
13 | File | `/p` | Low
|
||||
14 | File | `/patient/doctors.php` | High
|
||||
15 | File | `/phpinventory/editcategory.php` | High
|
||||
16 | File | `/product-list.php` | High
|
||||
17 | File | `/spip.php` | Medium
|
||||
18 | File | `/uncpath/` | Medium
|
||||
19 | File | `/updown/upload.cgi` | High
|
||||
20 | File | `/user/del.php` | High
|
||||
21 | File | `/_next` | Low
|
||||
22 | File | `123flashchat.php` | High
|
||||
23 | File | `act.php` | Low
|
||||
24 | File | `admin/bad.php` | High
|
||||
25 | File | `admin/index.php` | High
|
||||
26 | File | `admin/index.php/user/del/1` | High
|
||||
27 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
28 | File | `administrator/index.php` | High
|
||||
29 | File | `ajax/render/widget_php` | High
|
||||
30 | File | `album_portal.php` | High
|
||||
31 | File | `api.php` | Low
|
||||
32 | File | `application/home/controller/debug.php` | High
|
||||
33 | ... | ... | ...
|
||||
5 | File | `/admin/lab.php` | High
|
||||
6 | File | `/admin/payment.php` | High
|
||||
7 | File | `/admin/show.php` | High
|
||||
8 | File | `/default.php?idx=17` | High
|
||||
9 | File | `/download` | Medium
|
||||
10 | File | `/forum/away.php` | High
|
||||
11 | File | `/index.php` | Medium
|
||||
12 | File | `/opt/bin/cli` | Medium
|
||||
13 | File | `/outgoing.php` | High
|
||||
14 | File | `/p` | Low
|
||||
15 | File | `/patient/doctors.php` | High
|
||||
16 | File | `/phpinventory/editcategory.php` | High
|
||||
17 | File | `/product-list.php` | High
|
||||
18 | File | `/spip.php` | Medium
|
||||
19 | File | `/uncpath/` | Medium
|
||||
20 | File | `/updown/upload.cgi` | High
|
||||
21 | File | `/user/del.php` | High
|
||||
22 | File | `/_next` | Low
|
||||
23 | File | `123flashchat.php` | High
|
||||
24 | File | `act.php` | Low
|
||||
25 | File | `admin/bad.php` | High
|
||||
26 | File | `admin/index.php` | High
|
||||
27 | File | `admin/index.php/user/del/1` | High
|
||||
28 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
29 | File | `administrator/index.php` | High
|
||||
30 | File | `ajax/render/widget_php` | High
|
||||
31 | File | `album_portal.php` | High
|
||||
32 | File | `api.php` | Low
|
||||
33 | File | `application/home/controller/debug.php` | High
|
||||
34 | ... | ... | ...
|
||||
|
||||
There are 283 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 293 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_cf.netset
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_cf.netset
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 5 more country items available. Please use our online service to access the data.
|
||||
There are 7 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -112,10 +112,9 @@ ID | Technique | Weakness | Description | Confidence
|
|||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
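Review bot: The row `4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High` carries a description that does not match its weakness IDs: CWE-94 is code injection and CWE-1321 is prototype pollution, while cross-site scripting is CWE-79, which this table lists under T1059.007. With this update the T1059.007 row appears to drop out of the visible rows (inferred from the hunk header counts, since the +/- markers are lost), leaving only the mislabelled row with that description. If these files are generated, the label should be corrected at the source, e.g. `4 | T1059 | CWE-94, CWE-1321 | Code Injection | High`. The same label sits on the T1059 rows in the later `-63,13 +63,13` and `-266,14 +266,12` hunks.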
|
@ -135,39 +134,40 @@ ID | Type | Indicator | Confidence
|
|||
10 | File | `/config/getuser` | High
|
||||
11 | File | `/dashboard/contact` | High
|
||||
12 | File | `/debug/pprof` | Medium
|
||||
13 | File | `/dev/bus` | Medium
|
||||
13 | File | `/ecshop/admin/template.php` | High
|
||||
14 | File | `/example/editor` | High
|
||||
15 | File | `/files/$username/Myfolder/Mysubfolder/shared.txt` | High
|
||||
16 | File | `/forum/away.php` | High
|
||||
15 | File | `/forum/away.php` | High
|
||||
16 | File | `/forum/PostPrivateMessage` | High
|
||||
17 | File | `/HNAP1` | Low
|
||||
18 | File | `/index` | Low
|
||||
19 | File | `/iu-application/controllers/administration/auth.php` | High
|
||||
20 | File | `/jerry-core/ecma/operations/ecma-objects.c` | High
|
||||
18 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
19 | File | `/index` | Low
|
||||
20 | File | `/iu-application/controllers/administration/auth.php` | High
|
||||
21 | File | `/Kofax/KFS/ThinClient/document/upload/` | High
|
||||
22 | File | `/leave_system/classes/Master.php?f=delete_department` | High
|
||||
23 | File | `/module/module_frame/index.php` | High
|
||||
24 | File | `/music/ajax.php` | High
|
||||
25 | File | `/northstar/Admin/changePassword.jsp` | High
|
||||
26 | File | `/obs/book.php` | High
|
||||
27 | File | `/orms/` | Low
|
||||
28 | File | `/ossn/administrator/com_installer` | High
|
||||
29 | File | `/pms/update_user.php?user_id=1` | High
|
||||
30 | File | `/sre/params.php` | High
|
||||
31 | File | `/tensorflow/core/grappler/optimizers/arithmetic_optimizer.cc` | High
|
||||
32 | File | `/tmp` | Low
|
||||
33 | File | `/tmp/xbindkeysrc-tmp` | High
|
||||
34 | File | `/user/upload/upload` | High
|
||||
35 | File | `/Users` | Low
|
||||
36 | File | `/var/spool/hylafax` | High
|
||||
37 | File | `/vendor` | Low
|
||||
38 | File | `/whbs/?page=my_bookings` | High
|
||||
39 | File | `access_rules/rules_form` | High
|
||||
40 | File | `accountrecoveryendpoint/recoverpassword.do` | High
|
||||
41 | File | `action/addproject.php` | High
|
||||
42 | File | `adclick.php` | Medium
|
||||
43 | ... | ... | ...
|
||||
24 | File | `/net-banking/customer_transactions.php` | High
|
||||
25 | File | `/obs/book.php` | High
|
||||
26 | File | `/ossn/administrator/com_installer` | High
|
||||
27 | File | `/pms/update_user.php?user_id=1` | High
|
||||
28 | File | `/sre/params.php` | High
|
||||
29 | File | `/tensorflow/core/grappler/optimizers/arithmetic_optimizer.cc` | High
|
||||
30 | File | `/tmp` | Low
|
||||
31 | File | `/tmp/xbindkeysrc-tmp` | High
|
||||
32 | File | `/user/upload/upload` | High
|
||||
33 | File | `/Users` | Low
|
||||
34 | File | `/var/spool/hylafax` | High
|
||||
35 | File | `/vendor` | Low
|
||||
36 | File | `/whbs/?page=my_bookings` | High
|
||||
37 | File | `access_rules/rules_form` | High
|
||||
38 | File | `accountrecoveryendpoint/recoverpassword.do` | High
|
||||
39 | File | `action/addproject.php` | High
|
||||
40 | File | `adclick.php` | Medium
|
||||
41 | File | `add_contestant.php` | High
|
||||
42 | File | `admin.php` | Medium
|
||||
43 | File | `admin/ajax.attachment.php` | High
|
||||
44 | ... | ... | ...
|
||||
|
||||
There are 371 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 379 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -44,7 +44,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -81,10 +81,11 @@ ID | Type | Indicator | Confidence
|
|||
27 | File | `AccountStatus.jsp` | High
|
||||
28 | File | `add.php` | Low
|
||||
29 | File | `addentry.php` | Medium
|
||||
30 | File | `admin.php` | Medium
|
||||
31 | ... | ... | ...
|
||||
30 | File | `admin.a6mambocredits.php` | High
|
||||
31 | File | `admin.cropcanvas.php` | High
|
||||
32 | ... | ... | ...
|
||||
|
||||
There are 263 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 271 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Chad Unknown:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [FR](https://vuldb.com/?country.fr)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -54,37 +54,38 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/acms/admin/cargo_types/manage_cargo_type.php` | High
|
||||
3 | File | `/admin/ajax/avatar.php` | High
|
||||
4 | File | `/admin/index.php` | High
|
||||
5 | File | `/admin/payment.php` | High
|
||||
6 | File | `/admin/show.php` | High
|
||||
7 | File | `/default.php?idx=17` | High
|
||||
8 | File | `/download` | Medium
|
||||
9 | File | `/forum/away.php` | High
|
||||
10 | File | `/index.php` | Medium
|
||||
11 | File | `/opt/bin/cli` | Medium
|
||||
12 | File | `/p` | Low
|
||||
13 | File | `/patient/doctors.php` | High
|
||||
14 | File | `/phpinventory/editcategory.php` | High
|
||||
15 | File | `/product-list.php` | High
|
||||
16 | File | `/spip.php` | Medium
|
||||
17 | File | `/uncpath/` | Medium
|
||||
18 | File | `/updown/upload.cgi` | High
|
||||
19 | File | `/user/del.php` | High
|
||||
20 | File | `/_next` | Low
|
||||
21 | File | `123flashchat.php` | High
|
||||
22 | File | `act.php` | Low
|
||||
23 | File | `admin.php` | Medium
|
||||
24 | File | `admin/bad.php` | High
|
||||
25 | File | `admin/index.php` | High
|
||||
26 | File | `admin/index.php/user/del/1` | High
|
||||
27 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
28 | File | `administrator/index.php` | High
|
||||
29 | File | `ajax/render/widget_php` | High
|
||||
30 | File | `album_portal.php` | High
|
||||
31 | File | `api.php` | Low
|
||||
32 | File | `application/home/controller/debug.php` | High
|
||||
33 | ... | ... | ...
|
||||
5 | File | `/admin/lab.php` | High
|
||||
6 | File | `/admin/payment.php` | High
|
||||
7 | File | `/admin/show.php` | High
|
||||
8 | File | `/default.php?idx=17` | High
|
||||
9 | File | `/download` | Medium
|
||||
10 | File | `/forum/away.php` | High
|
||||
11 | File | `/index.php` | Medium
|
||||
12 | File | `/opt/bin/cli` | Medium
|
||||
13 | File | `/p` | Low
|
||||
14 | File | `/patient/doctors.php` | High
|
||||
15 | File | `/phpinventory/editcategory.php` | High
|
||||
16 | File | `/product-list.php` | High
|
||||
17 | File | `/spip.php` | Medium
|
||||
18 | File | `/uncpath/` | Medium
|
||||
19 | File | `/updown/upload.cgi` | High
|
||||
20 | File | `/user/del.php` | High
|
||||
21 | File | `/_next` | Low
|
||||
22 | File | `123flashchat.php` | High
|
||||
23 | File | `act.php` | Low
|
||||
24 | File | `admin.php` | Medium
|
||||
25 | File | `admin/bad.php` | High
|
||||
26 | File | `admin/index.php` | High
|
||||
27 | File | `admin/index.php/user/del/1` | High
|
||||
28 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
29 | File | `administrator/index.php` | High
|
||||
30 | File | `ajax/render/widget_php` | High
|
||||
31 | File | `album_portal.php` | High
|
||||
32 | File | `api.php` | Low
|
||||
33 | File | `application/home/controller/debug.php` | High
|
||||
34 | ... | ... | ...
|
||||
|
||||
There are 286 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 293 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -55,19 +55,19 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `//etc/RT2870STA.dat` | High
|
||||
2 | File | `/admin/index.php?id=themes&action=edit_template&filename=blog` | High
|
||||
3 | File | `/bin/boa` | Medium
|
||||
4 | File | `/cgi-bin/wapopen` | High
|
||||
5 | File | `/cwp_{SESSION_HASH}/admin/loader_ajax.php` | High
|
||||
6 | File | `/jquery_file_upload/server/php/index.php` | High
|
||||
7 | File | `/librarian/bookdetails.php` | High
|
||||
8 | File | `/magnoliaPublic/travel/members/login.html` | High
|
||||
9 | File | `/Main_AdmStatus_Content.asp` | High
|
||||
10 | File | `/requests.php` | High
|
||||
11 | File | `/uncpath/` | Medium
|
||||
12 | File | `/var/log/nginx` | High
|
||||
3 | File | `/appConfig/userDB.json` | High
|
||||
4 | File | `/bin/boa` | Medium
|
||||
5 | File | `/cgi-bin/wapopen` | High
|
||||
6 | File | `/cwp_{SESSION_HASH}/admin/loader_ajax.php` | High
|
||||
7 | File | `/jquery_file_upload/server/php/index.php` | High
|
||||
8 | File | `/librarian/bookdetails.php` | High
|
||||
9 | File | `/magnoliaPublic/travel/members/login.html` | High
|
||||
10 | File | `/Main_AdmStatus_Content.asp` | High
|
||||
11 | File | `/requests.php` | High
|
||||
12 | File | `/uncpath/` | Medium
|
||||
13 | ... | ... | ...
|
||||
|
||||
There are 103 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 106 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -53,28 +53,28 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/../conf/config.properties` | High
|
||||
2 | File | `/admin.php/singer/admin/lists/zhuan` | High
|
||||
3 | File | `/admin.php/User/level_sort` | High
|
||||
4 | File | `/authUserAction!edit.action` | High
|
||||
5 | File | `/baseOpLog.do` | High
|
||||
6 | File | `/blog/edit` | Medium
|
||||
7 | File | `/bmis/pages/resident/resident.php` | High
|
||||
8 | File | `/cgi-bin/luci/api/auth` | High
|
||||
9 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
10 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
|
||||
11 | File | `/cgi-bin/uploadWeiXinPic` | High
|
||||
12 | File | `/claire_blake` | High
|
||||
13 | File | `/core/admin/categories.php` | High
|
||||
14 | File | `/dashboard/contact` | High
|
||||
15 | File | `/debug/pprof` | Medium
|
||||
16 | File | `/dms/admin/reports/daily_collection_report.php` | High
|
||||
17 | File | `/etc/config/cameo` | High
|
||||
18 | File | `/export` | Low
|
||||
19 | File | `/files.md5` | Medium
|
||||
20 | File | `/food/admin/all_users.php` | High
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/hrm/employeeview.php` | High
|
||||
1 | File | `/admin.php/singer/admin/lists/zhuan` | High
|
||||
2 | File | `/admin.php/User/level_sort` | High
|
||||
3 | File | `/authUserAction!edit.action` | High
|
||||
4 | File | `/baseOpLog.do` | High
|
||||
5 | File | `/blog/edit` | Medium
|
||||
6 | File | `/bmis/pages/resident/resident.php` | High
|
||||
7 | File | `/cgi-bin/luci/api/auth` | High
|
||||
8 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
9 | File | `/cgi-bin/mesh.cgi?page=upgrade` | High
|
||||
10 | File | `/cgi-bin/uploadWeiXinPic` | High
|
||||
11 | File | `/claire_blake` | High
|
||||
12 | File | `/core/admin/categories.php` | High
|
||||
13 | File | `/dashboard/contact` | High
|
||||
14 | File | `/debug/pprof` | Medium
|
||||
15 | File | `/dms/admin/reports/daily_collection_report.php` | High
|
||||
16 | File | `/etc/config/cameo` | High
|
||||
17 | File | `/export` | Low
|
||||
18 | File | `/files.md5` | Medium
|
||||
19 | File | `/food/admin/all_users.php` | High
|
||||
20 | File | `/forum/away.php` | High
|
||||
21 | File | `/hrm/employeeview.php` | High
|
||||
22 | File | `/htdocs/cgibin` | High
|
||||
23 | File | `/images/` | Medium
|
||||
24 | File | `/isms/classes/Users.php` | High
|
||||
25 | File | `/login` | Low
|
||||
|
@ -86,7 +86,7 @@ ID | Type | Indicator | Confidence
|
|||
31 | File | `/out.php` | Medium
|
||||
32 | ... | ... | ...
|
||||
|
||||
There are 272 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 274 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -18,10 +18,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [NL](https://vuldb.com/?country.nl)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
There are 13 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -63,13 +63,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | T1068 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -78,37 +78,45 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/about.php` | Medium
|
||||
2 | File | `/admin/submit-articles` | High
|
||||
3 | File | `/admin/subnets/ripe-query.php` | High
|
||||
4 | File | `/ad_js.php` | Medium
|
||||
5 | File | `/app/options.py` | High
|
||||
6 | File | `/attachments` | Medium
|
||||
7 | File | `/cgi-bin/login.cgi` | High
|
||||
8 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
9 | File | `/ci_hms/massage_room/edit/1` | High
|
||||
10 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
11 | File | `/core/conditions/AbstractWrapper.java` | High
|
||||
12 | File | `/dashboard/reports/logs/view` | High
|
||||
13 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
14 | File | `/debug/pprof` | Medium
|
||||
15 | File | `/etc/hosts` | Medium
|
||||
16 | File | `/export` | Low
|
||||
17 | File | `/goform/setmac` | High
|
||||
18 | File | `/goform/wizard_end` | High
|
||||
19 | File | `/hardware` | Medium
|
||||
20 | File | `/hprms/admin/doctors/manage_doctor.php` | High
|
||||
21 | File | `/index/jobfairol/show/` | High
|
||||
22 | File | `/librarian/bookdetails.php` | High
|
||||
23 | File | `/manage-apartment.php` | High
|
||||
24 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
25 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
26 | File | `/pages/apply_vacancy.php` | High
|
||||
27 | File | `/plugin/LiveChat/getChat.json.php` | High
|
||||
28 | File | `/proc/<PID>/mem` | High
|
||||
29 | File | `/proxy` | Low
|
||||
30 | ... | ... | ...
|
||||
2 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
3 | File | `/admin/?page=user/manage` | High
|
||||
4 | File | `/admin/add-new.php` | High
|
||||
5 | File | `/admin/doctors.php` | High
|
||||
6 | File | `/admin/submit-articles` | High
|
||||
7 | File | `/admin/subnets/ripe-query.php` | High
|
||||
8 | File | `/ad_js.php` | Medium
|
||||
9 | File | `/alphaware/summary.php` | High
|
||||
10 | File | `/api/` | Low
|
||||
11 | File | `/api/admin/store/product/list` | High
|
||||
12 | File | `/attachments` | Medium
|
||||
13 | File | `/boat/login.php` | High
|
||||
14 | File | `/bsms_ci/index.php/book` | High
|
||||
15 | File | `/cgi-bin/luci/api/wireless` | High
|
||||
16 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
17 | File | `/dashboard/reports/logs/view` | High
|
||||
18 | File | `/debian/patches/load_ppp_generic_if_needed` | High
|
||||
19 | File | `/debug/pprof` | Medium
|
||||
20 | File | `/etc/hosts` | Medium
|
||||
21 | File | `/export` | Low
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/goform/setmac` | High
|
||||
24 | File | `/goform/wizard_end` | High
|
||||
25 | File | `/hardware` | Medium
|
||||
26 | File | `/manage-apartment.php` | High
|
||||
27 | File | `/medicines/profile.php` | High
|
||||
28 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
29 | File | `/opt/zimbra/jetty/webapps/zimbra/public` | High
|
||||
30 | File | `/pages/apply_vacancy.php` | High
|
||||
31 | File | `/proc/<PID>/mem` | High
|
||||
32 | File | `/proxy` | Low
|
||||
33 | File | `/reservation/add_message.php` | High
|
||||
34 | File | `/spip.php` | Medium
|
||||
35 | File | `/tmp` | Low
|
||||
36 | File | `/uncpath/` | Medium
|
||||
37 | File | `/upload` | Low
|
||||
38 | ... | ... | ...
|
||||
|
||||
There are 256 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 330 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Chile Unknown:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 29 more country items available. Please use our online service to access the data.
|
||||
There are 8 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -266,14 +266,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | T1068 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
|
||||
6 | ... | ... | ... | ...
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -281,72 +279,38 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.github/workflows/combine-prs.yml` | High
|
||||
2 | File | `.php.gif` | Medium
|
||||
3 | File | `.procmailrc` | Medium
|
||||
4 | File | `/?admin/user.html` | High
|
||||
5 | File | `/Admin/add-student.php` | High
|
||||
6 | File | `/admin/api/admin/articles/` | High
|
||||
7 | File | `/Admin/login.php` | High
|
||||
8 | File | `/admin/submit-articles` | High
|
||||
9 | File | `/apilog.php` | Medium
|
||||
10 | File | `/cgi-bin/webadminget.cgi` | High
|
||||
11 | File | `/connectors/index.php` | High
|
||||
12 | File | `/Default/Bd` | Medium
|
||||
13 | File | `/DesignTools/CssEditor.aspx` | High
|
||||
14 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
15 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
16 | File | `/employeeview.php` | High
|
||||
17 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
18 | File | `/forum/away.php` | High
|
||||
19 | File | `/forum/PostPrivateMessage` | High
|
||||
20 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
21 | File | `/fos/admin/index.php?page=menu` | High
|
||||
22 | File | `/home/masterConsole` | High
|
||||
23 | File | `/home/sendBroadcast` | High
|
||||
24 | File | `/hrm/controller/employee.php` | High
|
||||
25 | File | `/hrm/employeeadd.php` | High
|
||||
26 | File | `/hrm/employeeview.php` | High
|
||||
27 | File | `/index.php` | Medium
|
||||
28 | File | `/items/view_item.php` | High
|
||||
29 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
30 | File | `/lookin/info` | Medium
|
||||
31 | File | `/manager/index.php` | High
|
||||
32 | File | `/medical/inventories.php` | High
|
||||
33 | File | `/modules/profile/index.php` | High
|
||||
34 | File | `/modules/projects/vw_files.php` | High
|
||||
35 | File | `/modules/public/calendar.php` | High
|
||||
36 | File | `/net/nfc/netlink.c` | High
|
||||
37 | File | `/newsDia.php` | Medium
|
||||
38 | File | `/out.php` | Medium
|
||||
39 | File | `/php_action/editProductImage.php` | High
|
||||
40 | File | `/product/savenewproduct.php?flag=1` | High
|
||||
41 | File | `/proxy` | Low
|
||||
42 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
43 | File | `/reports/rwservlet` | High
|
||||
44 | File | `/sacco_shield/manage_user.php` | High
|
||||
45 | File | `/services/Card/findUser` | High
|
||||
46 | File | `/spip.php` | Medium
|
||||
47 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
48 | File | `/staff/bookdetails.php` | High
|
||||
49 | File | `/uncpath/` | Medium
|
||||
50 | File | `/user/update_booking.php` | High
|
||||
51 | File | `/view-property.php` | High
|
||||
52 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
53 | File | `/wireless/security.asp` | High
|
||||
54 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
55 | File | `/wp-admin/admin-ajax.php` | High
|
||||
56 | File | `/wp-content/plugins/updraftplus/admin.php` | High
|
||||
57 | File | `/_next` | Low
|
||||
58 | File | `01article.php` | High
|
||||
59 | File | `5.2.9\syscrb.exe` | High
|
||||
60 | File | `AbstractScheduleJob.java` | High
|
||||
61 | File | `actionphp/download.File.php` | High
|
||||
62 | File | `adclick.php` | Medium
|
||||
63 | File | `addtocart.asp` | High
|
||||
64 | ... | ... | ...
|
||||
1 | File | `/admin/` | Low
|
||||
2 | File | `/APR/login.php` | High
|
||||
3 | File | `/APR/signup.php` | High
|
||||
4 | File | `/cgi-bin/wapopen` | High
|
||||
5 | File | `/forum/away.php` | High
|
||||
6 | File | `/mims/login.php` | High
|
||||
7 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
8 | File | `/out.php` | Medium
|
||||
9 | File | `/php-opos/index.php` | High
|
||||
10 | File | `/php-scrm/login.php` | High
|
||||
11 | File | `/public/launchNewWindow.jsp` | High
|
||||
12 | File | `/spip.php` | Medium
|
||||
13 | File | `/textpattern/index.php` | High
|
||||
14 | File | `/tmp` | Low
|
||||
15 | File | `account-signup.php` | High
|
||||
16 | File | `account/signup.php` | High
|
||||
17 | File | `activenews_view.asp` | High
|
||||
18 | File | `addentry.php` | Medium
|
||||
19 | File | `admin.php` | Medium
|
||||
20 | File | `admin/?page=students/view_student` | High
|
||||
21 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
22 | File | `admin/admin_editor.php` | High
|
||||
23 | File | `admin/conf_users_edit.php` | High
|
||||
24 | File | `adminer.php` | Medium
|
||||
25 | File | `articulo.php` | Medium
|
||||
26 | File | `art_detalle.php` | High
|
||||
27 | File | `banner_add_edit.asp` | High
|
||||
28 | File | `Bin/ConnectWiseControl.Client.exe` | High
|
||||
29 | File | `blocks/block-Old_Articles.php` | High
|
||||
30 | ... | ... | ...
|
||||
|
||||
There are 564 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 252 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
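Review bot: Row 3 of the TTP table in the Chile Unknown section still pairs T1059 and CWE-94 with the description "Cross Site Scripting", which is wrong for that weakness. CWE-94 is code injection; the other tables on this page use that label for T1059.007 with CWE-79 and CWE-80. The update narrows the CWE list on this row but keeps the label, and the same pairing appears in later TTP tables on this page, including the newly added `4 | T1059 | CWE-94 | Cross Site Scripting | High`. Anyone filtering or building detections from the description column would file code-injection activity under XSS. I would change the row to `3 | T1059 | CWE-94 | Code Injection | High`, or correct the label in the export step if these files are generated.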
|
|
|
@ -39,7 +39,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -47,39 +47,41 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.FBCIndex` | Medium
|
||||
2 | File | `/.env` | Low
|
||||
3 | File | `/.ssh/authorized_keys` | High
|
||||
4 | File | `/as/authorization.oauth2` | High
|
||||
5 | File | `/blogengine/api/posts` | High
|
||||
6 | File | `/cgi-bin/api-get_line_status` | High
|
||||
7 | File | `/cgi-bin/luci` | High
|
||||
8 | File | `/cgi-bin/luci/api/auth` | High
|
||||
9 | File | `/cgi-bin/nobody/VerifyCode.cgi` | High
|
||||
10 | File | `/cgi-bin/upload_vpntar` | High
|
||||
11 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
12 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
1 | File | `/.env` | Low
|
||||
2 | File | `/admin/patient.php` | High
|
||||
3 | File | `/as/authorization.oauth2` | High
|
||||
4 | File | `/blogengine/api/posts` | High
|
||||
5 | File | `/cgi-bin/api-get_line_status` | High
|
||||
6 | File | `/cgi-bin/luci/api/auth` | High
|
||||
7 | File | `/cgi-bin/nobody/VerifyCode.cgi` | High
|
||||
8 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
9 | File | `/cgi-bin/upload_vpntar` | High
|
||||
10 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
11 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
12 | File | `/DXR.axd` | Medium
|
||||
13 | File | `/export` | Low
|
||||
14 | File | `/forum/away.php` | High
|
||||
15 | File | `/h/calendar` | Medium
|
||||
16 | File | `/hrm/controller/employee.php` | High
|
||||
17 | File | `/login/index.php` | High
|
||||
18 | File | `/mkshope/login.php` | High
|
||||
19 | File | `/network_test.php` | High
|
||||
20 | File | `/obs/book.php` | High
|
||||
21 | File | `/products/view_product.php` | High
|
||||
22 | File | `/public/launchNewWindow.jsp` | High
|
||||
23 | File | `/public/login.htm` | High
|
||||
24 | File | `/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf` | High
|
||||
25 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
26 | File | `/self.key` | Medium
|
||||
27 | File | `/services/view_service.php` | High
|
||||
28 | File | `/shell` | Low
|
||||
29 | File | `/spip.php` | Medium
|
||||
30 | File | `/uncpath/` | Medium
|
||||
31 | ... | ... | ...
|
||||
14 | File | `/filemanager/php/connector.php` | High
|
||||
15 | File | `/forum/away.php` | High
|
||||
16 | File | `/login/index.php` | High
|
||||
17 | File | `/modules/projects/vw_files.php` | High
|
||||
18 | File | `/obs/book.php` | High
|
||||
19 | File | `/products/view_product.php` | High
|
||||
20 | File | `/public/login.htm` | High
|
||||
21 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
22 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
23 | File | `/shell` | Low
|
||||
24 | File | `/spip.php` | Medium
|
||||
25 | File | `/uncpath/` | Medium
|
||||
26 | File | `/usr/bin/tddp` | High
|
||||
27 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
28 | File | `/wp-admin/admin-ajax.php` | High
|
||||
29 | File | `/wp-admin/options.php` | High
|
||||
30 | File | `/wp-json/wc/v3/webhooks` | High
|
||||
31 | File | `14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi` | High
|
||||
32 | File | `adclick.php` | Medium
|
||||
33 | ... | ... | ...
|
||||
|
||||
There are 262 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 284 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -21,10 +21,10 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [NL](https://vuldb.com/?country.nl)
|
||||
* [JP](https://vuldb.com/?country.jp)
|
||||
* ...
|
||||
|
||||
There are 8 more country items available. Please use our online service to access the data.
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -1659,10 +1659,11 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | ... | ... | ... | ...
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
|
@ -1681,26 +1682,31 @@ ID | Type | Indicator | Confidence
|
|||
7 | File | `/APR/login.php` | High
|
||||
8 | File | `/APR/signup.php` | High
|
||||
9 | File | `/boat/login.php` | High
|
||||
10 | File | `/debug/pprof` | Medium
|
||||
11 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
12 | File | `/forum/away.php` | High
|
||||
13 | File | `/mims/login.php` | High
|
||||
14 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
15 | File | `/php-opos/index.php` | High
|
||||
16 | File | `/php-scrm/login.php` | High
|
||||
17 | File | `/reservation/add_message.php` | High
|
||||
18 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
19 | File | `/textpattern/index.php` | High
|
||||
20 | File | `/tmp` | Low
|
||||
21 | File | `/video-sharing-script/watch-video.php` | High
|
||||
22 | File | `account-signup.php` | High
|
||||
23 | File | `account/signup.php` | High
|
||||
24 | File | `addentry.php` | Medium
|
||||
25 | File | `admin.php` | Medium
|
||||
26 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
27 | ... | ... | ...
|
||||
10 | File | `/cgi-bin/wapopen` | High
|
||||
11 | File | `/debug/pprof` | Medium
|
||||
12 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
13 | File | `/forum/away.php` | High
|
||||
14 | File | `/goform/addressNat` | High
|
||||
15 | File | `/HNAP1/SetClientInfo` | High
|
||||
16 | File | `/mims/login.php` | High
|
||||
17 | File | `/php-scrm/login.php` | High
|
||||
18 | File | `/public/launchNewWindow.jsp` | High
|
||||
19 | File | `/reservation/add_message.php` | High
|
||||
20 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
21 | File | `/textpattern/index.php` | High
|
||||
22 | File | `/tmp` | Low
|
||||
23 | File | `/video-sharing-script/watch-video.php` | High
|
||||
24 | File | `account-signup.php` | High
|
||||
25 | File | `account/signup.php` | High
|
||||
26 | File | `Acl.asp` | Low
|
||||
27 | File | `AcquisiAction.class.php` | High
|
||||
28 | File | `activenews_view.asp` | High
|
||||
29 | File | `addentry.php` | Medium
|
||||
30 | File | `admin.php` | Medium
|
||||
31 | File | `admin/?page=reports&date_from=2023-02-17&date_to=2023-03-17` | High
|
||||
32 | ... | ... | ...
|
||||
|
||||
There are 229 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 269 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -51,37 +51,38 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/acms/admin/cargo_types/manage_cargo_type.php` | High
|
||||
3 | File | `/admin/ajax/avatar.php` | High
|
||||
4 | File | `/admin/index.php` | High
|
||||
5 | File | `/admin/payment.php` | High
|
||||
6 | File | `/admin/show.php` | High
|
||||
7 | File | `/default.php?idx=17` | High
|
||||
8 | File | `/download` | Medium
|
||||
9 | File | `/forum/away.php` | High
|
||||
10 | File | `/index.php` | Medium
|
||||
11 | File | `/opt/bin/cli` | Medium
|
||||
12 | File | `/p` | Low
|
||||
13 | File | `/patient/doctors.php` | High
|
||||
14 | File | `/phpinventory/editcategory.php` | High
|
||||
15 | File | `/product-list.php` | High
|
||||
16 | File | `/spip.php` | Medium
|
||||
17 | File | `/uncpath/` | Medium
|
||||
18 | File | `/updown/upload.cgi` | High
|
||||
19 | File | `/user/del.php` | High
|
||||
20 | File | `/_next` | Low
|
||||
21 | File | `123flashchat.php` | High
|
||||
22 | File | `act.php` | Low
|
||||
23 | File | `admin/bad.php` | High
|
||||
24 | File | `admin/index.php` | High
|
||||
25 | File | `admin/index.php/user/del/1` | High
|
||||
26 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
27 | File | `administrator/index.php` | High
|
||||
28 | File | `ajax/render/widget_php` | High
|
||||
29 | File | `album_portal.php` | High
|
||||
30 | File | `api.php` | Low
|
||||
31 | File | `application/home/controller/debug.php` | High
|
||||
32 | File | `articulo.php` | Medium
|
||||
33 | ... | ... | ...
|
||||
5 | File | `/admin/lab.php` | High
|
||||
6 | File | `/admin/payment.php` | High
|
||||
7 | File | `/admin/show.php` | High
|
||||
8 | File | `/default.php?idx=17` | High
|
||||
9 | File | `/download` | Medium
|
||||
10 | File | `/forum/away.php` | High
|
||||
11 | File | `/index.php` | Medium
|
||||
12 | File | `/opt/bin/cli` | Medium
|
||||
13 | File | `/p` | Low
|
||||
14 | File | `/patient/doctors.php` | High
|
||||
15 | File | `/phpinventory/editcategory.php` | High
|
||||
16 | File | `/product-list.php` | High
|
||||
17 | File | `/spip.php` | Medium
|
||||
18 | File | `/uncpath/` | Medium
|
||||
19 | File | `/updown/upload.cgi` | High
|
||||
20 | File | `/user/del.php` | High
|
||||
21 | File | `/_next` | Low
|
||||
22 | File | `123flashchat.php` | High
|
||||
23 | File | `act.php` | Low
|
||||
24 | File | `admin/bad.php` | High
|
||||
25 | File | `admin/index.php` | High
|
||||
26 | File | `admin/index.php/user/del/1` | High
|
||||
27 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
28 | File | `administrator/index.php` | High
|
||||
29 | File | `ajax/render/widget_php` | High
|
||||
30 | File | `album_portal.php` | High
|
||||
31 | File | `api.php` | Low
|
||||
32 | File | `application/home/controller/debug.php` | High
|
||||
33 | File | `articulo.php` | Medium
|
||||
34 | ... | ... | ...
|
||||
|
||||
There are 284 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 289 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -101,7 +101,7 @@ ID | Type | Indicator | Confidence
|
|||
25 | File | `/viewer/krpano.html` | High
|
||||
26 | ... | ... | ...
|
||||
|
||||
There are 216 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 218 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [SV](https://vuldb.com/?country.sv)
|
||||
* ...
|
||||
|
||||
There are 7 more country items available. Please use our online service to access the data.
|
||||
There are 8 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -79,19 +79,19 @@ ID | Type | Indicator | Confidence
|
|||
27 | File | `/operations/travellers.php` | High
|
||||
28 | File | `/php-sms/admin/orders/update_status.php` | High
|
||||
29 | File | `/php-sms/classes/Master.php?f=delete_service` | High
|
||||
30 | File | `/php_action/editProductImage.php` | High
|
||||
31 | File | `/release-x64/otfccdump+0x6b6a8f` | High
|
||||
32 | File | `/release-x64/otfccdump+0x6e7e3d` | High
|
||||
33 | File | `/release-x64/otfccdump+0x6e41a8` | High
|
||||
34 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
35 | File | `/SVFE2/pages/feegroups/mcc_group.jsf` | High
|
||||
36 | File | `/sys/duplicate/check` | High
|
||||
37 | File | `/timeline2.php` | High
|
||||
38 | File | `/ucenter/repass.php` | High
|
||||
39 | File | `/usr/sbin/httpd` | High
|
||||
30 | File | `/release-x64/otfccdump+0x6b6a8f` | High
|
||||
31 | File | `/release-x64/otfccdump+0x6e7e3d` | High
|
||||
32 | File | `/release-x64/otfccdump+0x6e41a8` | High
|
||||
33 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
34 | File | `/SVFE2/pages/feegroups/mcc_group.jsf` | High
|
||||
35 | File | `/sys/duplicate/check` | High
|
||||
36 | File | `/timeline2.php` | High
|
||||
37 | File | `/ucenter/repass.php` | High
|
||||
38 | File | `/usr/sbin/httpd` | High
|
||||
39 | File | `/var/log/messages` | High
|
||||
40 | ... | ... | ...
|
||||
|
||||
There are 346 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 349 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 8 more country items available. Please use our online service to access the data.
|
||||
There are 7 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -82,13 +82,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 15 more TTP items available. Please use our online service to access the data.
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -96,36 +96,48 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
1 | File | `/admin` | Low
|
||||
2 | File | `/admin/` | Low
|
||||
3 | File | `/admin/patient.php` | High
|
||||
4 | File | `/APR/login.php` | High
|
||||
5 | File | `/APR/signup.php` | High
|
||||
6 | File | `/as/authorization.oauth2` | High
|
||||
7 | File | `/cgi-bin/luci/api/auth` | High
|
||||
8 | File | `/cgi-bin/wapopen` | High
|
||||
6 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
7 | File | `/cgi-bin/wapopen` | High
|
||||
8 | File | `/churchcrm/EventAttendance.php` | High
|
||||
9 | File | `/DXR.axd` | Medium
|
||||
10 | File | `/filemanager/php/connector.php` | High
|
||||
11 | File | `/forum/away.php` | High
|
||||
12 | File | `/HNAP1/SetClientInfo` | High
|
||||
13 | File | `/mims/login.php` | High
|
||||
14 | File | `/php-scrm/login.php` | High
|
||||
15 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
16 | File | `/textpattern/index.php` | High
|
||||
17 | File | `/tmp` | Low
|
||||
18 | File | `account-signup.php` | High
|
||||
19 | File | `account/signup.php` | High
|
||||
20 | File | `addentry.php` | Medium
|
||||
21 | File | `admin.php` | Medium
|
||||
22 | File | `admin/admin_editor.php` | High
|
||||
23 | File | `admin/conf_users_edit.php` | High
|
||||
24 | File | `admin/template/js/uploadify/uploadify.swf` | High
|
||||
25 | File | `admin/TemplateController.java` | High
|
||||
26 | File | `adminer.php` | Medium
|
||||
27 | File | `AndroidManifest.xml` | High
|
||||
28 | ... | ... | ...
|
||||
13 | File | `/mhds/clinic/view_details.php` | High
|
||||
14 | File | `/mims/login.php` | High
|
||||
15 | File | `/modules/projects/vw_files.php` | High
|
||||
16 | File | `/php-scrm/login.php` | High
|
||||
17 | File | `/public/launchNewWindow.jsp` | High
|
||||
18 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
19 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
|
||||
20 | File | `/static/ueditor/php/controller.php` | High
|
||||
21 | File | `/textpattern/index.php` | High
|
||||
22 | File | `/tmp` | Low
|
||||
23 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
24 | File | `/wp-admin/admin-ajax.php` | High
|
||||
25 | File | `/wp-admin/options.php` | High
|
||||
26 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
27 | File | `account/signup.php` | High
|
||||
28 | File | `Acl.asp` | Low
|
||||
29 | File | `activenews_view.asp` | High
|
||||
30 | File | `adclick.php` | Medium
|
||||
31 | File | `addentry.php` | Medium
|
||||
32 | File | `addressbook/backends/ldap/e-book-backend-ldap.c` | High
|
||||
33 | File | `admin.php` | Medium
|
||||
34 | File | `admin/admin_editor.php` | High
|
||||
35 | File | `admin/TemplateController.java` | High
|
||||
36 | File | `admincp.php` | Medium
|
||||
37 | File | `adminer.php` | Medium
|
||||
38 | File | `affich.php` | Medium
|
||||
39 | File | `ajax/telemetry.php` | High
|
||||
40 | ... | ... | ...
|
||||
|
||||
There are 235 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 340 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
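Review bot: The TTP row `2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High` in this section has a description that does not match its weakness ID. CWE-319 is cleartext transmission of sensitive information, and an earlier table on this page uses the capture-replay description with CWE-294. The row appears to be unchanged context in this hunk, but the update edits rows 1 and 4 around it and leaves it as is. I would either restore `CWE-294` or relabel the row `2 | T1040 | CWE-319 | Cleartext Transmission of Sensitive Information | High`, depending on which weakness the underlying entries actually carry.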
|
|
|
@ -51,7 +51,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
There are 15 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
|
|
@ -9,8 +9,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with CoinStomp:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 1 more country items available. Please use our online service to access the data.
|
||||
|
@ -88,10 +88,9 @@ ID | Type | Indicator | Confidence
|
|||
41 | File | `coders/dds.c` | Medium
|
||||
42 | File | `coders/webp.c` | High
|
||||
43 | File | `CollabNetApp.java` | High
|
||||
44 | File | `collection.class.php` | High
|
||||
45 | ... | ... | ...
|
||||
44 | ... | ... | ...
|
||||
|
||||
There are 386 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 385 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 23 more country items available. Please use our online service to access the data.
|
||||
There are 29 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -21,170 +21,234 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
|
|||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [5.8.46.128](https://vuldb.com/?ip.5.8.46.128) | - | - | High
|
||||
2 | [5.62.56.60](https://vuldb.com/?ip.5.62.56.60) | r-60-56-62-5.consumer-pool.prcdn.net | - | High
|
||||
3 | [5.62.58.56](https://vuldb.com/?ip.5.62.58.56) | r-56-58-62-5.consumer-pool.prcdn.net | - | High
|
||||
4 | [5.182.120.0](https://vuldb.com/?ip.5.182.120.0) | - | - | High
|
||||
5 | [8.243.64.0](https://vuldb.com/?ip.8.243.64.0) | - | - | High
|
||||
6 | [8.243.160.0](https://vuldb.com/?ip.8.243.160.0) | - | - | High
|
||||
7 | [17.45.148.0](https://vuldb.com/?ip.17.45.148.0) | - | - | High
|
||||
8 | [17.45.170.111](https://vuldb.com/?ip.17.45.170.111) | - | - | High
|
||||
9 | [23.232.253.0](https://vuldb.com/?ip.23.232.253.0) | - | - | High
|
||||
10 | [23.235.44.0](https://vuldb.com/?ip.23.235.44.0) | - | - | High
|
||||
11 | [32.59.144.0](https://vuldb.com/?ip.32.59.144.0) | - | - | High
|
||||
12 | [34.100.24.0](https://vuldb.com/?ip.34.100.24.0) | 0.24.100.34.bc.googleusercontent.com | - | Medium
|
||||
13 | [34.100.56.0](https://vuldb.com/?ip.34.100.56.0) | 0.56.100.34.bc.googleusercontent.com | - | Medium
|
||||
14 | [45.5.160.0](https://vuldb.com/?ip.45.5.160.0) | - | - | High
|
||||
15 | [45.5.172.0](https://vuldb.com/?ip.45.5.172.0) | - | - | High
|
||||
16 | [45.5.180.0](https://vuldb.com/?ip.45.5.180.0) | - | - | High
|
||||
17 | [45.5.184.0](https://vuldb.com/?ip.45.5.184.0) | - | - | High
|
||||
18 | [45.7.132.0](https://vuldb.com/?ip.45.7.132.0) | 45-7-132-0.ims-ipv4.com | - | High
|
||||
19 | [45.12.70.49](https://vuldb.com/?ip.45.12.70.49) | files-clock.get-eye.com | - | High
|
||||
20 | [45.12.71.49](https://vuldb.com/?ip.45.12.71.49) | - | - | High
|
||||
21 | [45.65.136.0](https://vuldb.com/?ip.45.65.136.0) | - | - | High
|
||||
22 | [45.65.200.0](https://vuldb.com/?ip.45.65.200.0) | - | - | High
|
||||
23 | [45.65.232.0](https://vuldb.com/?ip.45.65.232.0) | - | - | High
|
||||
24 | [45.70.168.0](https://vuldb.com/?ip.45.70.168.0) | - | - | High
|
||||
25 | [45.71.7.0](https://vuldb.com/?ip.45.71.7.0) | - | - | High
|
||||
26 | [45.71.180.0](https://vuldb.com/?ip.45.71.180.0) | - | - | High
|
||||
27 | [45.87.11.0](https://vuldb.com/?ip.45.87.11.0) | - | - | High
|
||||
28 | [45.129.32.0](https://vuldb.com/?ip.45.129.32.0) | - | - | High
|
||||
29 | [45.131.162.0](https://vuldb.com/?ip.45.131.162.0) | - | - | High
|
||||
30 | [45.162.0.0](https://vuldb.com/?ip.45.162.0.0) | - | - | High
|
||||
31 | [45.162.76.0](https://vuldb.com/?ip.45.162.76.0) | - | - | High
|
||||
32 | [45.162.82.0](https://vuldb.com/?ip.45.162.82.0) | 0-82-162-45.static-col.wifaocolombia.com | - | High
|
||||
33 | [45.162.84.0](https://vuldb.com/?ip.45.162.84.0) | 0-84-162-45.static-col.wifaocolombia.com | - | High
|
||||
34 | [45.162.126.0](https://vuldb.com/?ip.45.162.126.0) | - | - | High
|
||||
35 | [45.163.0.0](https://vuldb.com/?ip.45.163.0.0) | - | - | High
|
||||
36 | [45.163.28.0](https://vuldb.com/?ip.45.163.28.0) | - | - | High
|
||||
37 | [45.163.30.0](https://vuldb.com/?ip.45.163.30.0) | - | - | High
|
||||
38 | [45.167.124.0](https://vuldb.com/?ip.45.167.124.0) | - | - | High
|
||||
39 | [45.167.126.0](https://vuldb.com/?ip.45.167.126.0) | - | - | High
|
||||
40 | [45.167.248.0](https://vuldb.com/?ip.45.167.248.0) | - | - | High
|
||||
41 | [45.168.104.0](https://vuldb.com/?ip.45.168.104.0) | - | - | High
|
||||
42 | [45.169.98.0](https://vuldb.com/?ip.45.169.98.0) | rede-45.169.98.netcomunicaciones.com | - | High
|
||||
43 | [45.169.253.0](https://vuldb.com/?ip.45.169.253.0) | - | - | High
|
||||
44 | [45.170.124.0](https://vuldb.com/?ip.45.170.124.0) | - | - | High
|
||||
45 | [45.170.132.0](https://vuldb.com/?ip.45.170.132.0) | - | - | High
|
||||
46 | [45.170.240.0](https://vuldb.com/?ip.45.170.240.0) | - | - | High
|
||||
47 | [45.171.118.0](https://vuldb.com/?ip.45.171.118.0) | - | - | High
|
||||
48 | [45.171.180.0](https://vuldb.com/?ip.45.171.180.0) | - | - | High
|
||||
49 | [45.172.178.0](https://vuldb.com/?ip.45.172.178.0) | - | - | High
|
||||
50 | [45.172.184.0](https://vuldb.com/?ip.45.172.184.0) | - | - | High
|
||||
51 | [45.172.218.0](https://vuldb.com/?ip.45.172.218.0) | - | - | High
|
||||
52 | [45.172.222.0](https://vuldb.com/?ip.45.172.222.0) | - | - | High
|
||||
53 | [45.173.4.0](https://vuldb.com/?ip.45.173.4.0) | 45-173-4-0.ims-ipv4.com | - | High
|
||||
54 | [45.173.8.0](https://vuldb.com/?ip.45.173.8.0) | mymnetworks.com | - | High
|
||||
55 | [45.173.12.0](https://vuldb.com/?ip.45.173.12.0) | - | - | High
|
||||
56 | [45.173.14.0](https://vuldb.com/?ip.45.173.14.0) | 45-173-14-0.tvisla.net.co | - | High
|
||||
57 | [45.173.44.0](https://vuldb.com/?ip.45.173.44.0) | 45-173-44-0.tvisla.net.co | - | High
|
||||
58 | [45.173.68.0](https://vuldb.com/?ip.45.173.68.0) | - | - | High
|
||||
59 | [45.174.196.0](https://vuldb.com/?ip.45.174.196.0) | - | - | High
|
||||
60 | [45.174.224.0](https://vuldb.com/?ip.45.174.224.0) | - | - | High
|
||||
61 | [45.174.227.0](https://vuldb.com/?ip.45.174.227.0) | - | - | High
|
||||
62 | [45.175.20.0](https://vuldb.com/?ip.45.175.20.0) | - | - | High
|
||||
63 | [45.175.139.0](https://vuldb.com/?ip.45.175.139.0) | - | - | High
|
||||
64 | [45.176.70.0](https://vuldb.com/?ip.45.176.70.0) | - | - | High
|
||||
65 | [45.176.193.0](https://vuldb.com/?ip.45.176.193.0) | - | - | High
|
||||
66 | [45.176.232.0](https://vuldb.com/?ip.45.176.232.0) | - | - | High
|
||||
67 | [45.177.52.0](https://vuldb.com/?ip.45.177.52.0) | - | - | High
|
||||
68 | [45.177.54.0](https://vuldb.com/?ip.45.177.54.0) | - | - | High
|
||||
69 | [45.177.108.0](https://vuldb.com/?ip.45.177.108.0) | 45-177-108-0.ims-ipv4.com | - | High
|
||||
70 | [45.178.4.0](https://vuldb.com/?ip.45.178.4.0) | hostedby.packetbunker.com | - | High
|
||||
71 | [45.178.12.0](https://vuldb.com/?ip.45.178.12.0) | - | - | High
|
||||
72 | [45.178.64.0](https://vuldb.com/?ip.45.178.64.0) | - | - | High
|
||||
73 | [45.179.160.0](https://vuldb.com/?ip.45.179.160.0) | - | - | High
|
||||
74 | [45.179.200.0](https://vuldb.com/?ip.45.179.200.0) | - | - | High
|
||||
75 | [45.179.244.0](https://vuldb.com/?ip.45.179.244.0) | - | - | High
|
||||
76 | [45.180.22.0](https://vuldb.com/?ip.45.180.22.0) | - | - | High
|
||||
77 | [45.180.44.0](https://vuldb.com/?ip.45.180.44.0) | - | - | High
|
||||
78 | [45.180.82.0](https://vuldb.com/?ip.45.180.82.0) | - | - | High
|
||||
79 | [45.180.112.0](https://vuldb.com/?ip.45.180.112.0) | - | - | High
|
||||
80 | [45.181.156.0](https://vuldb.com/?ip.45.181.156.0) | 45-181-156-0.odatacolocation.com.br | - | High
|
||||
81 | [45.181.188.0](https://vuldb.com/?ip.45.181.188.0) | - | - | High
|
||||
82 | [45.181.204.0](https://vuldb.com/?ip.45.181.204.0) | - | - | High
|
||||
83 | [45.182.41.0](https://vuldb.com/?ip.45.182.41.0) | - | - | High
|
||||
84 | [45.182.190.0](https://vuldb.com/?ip.45.182.190.0) | - | - | High
|
||||
85 | [45.183.40.0](https://vuldb.com/?ip.45.183.40.0) | - | - | High
|
||||
86 | [45.183.196.0](https://vuldb.com/?ip.45.183.196.0) | - | - | High
|
||||
87 | [45.183.247.0](https://vuldb.com/?ip.45.183.247.0) | 0.247.183.45.static.luma.cloud | - | High
|
||||
88 | [45.185.31.0](https://vuldb.com/?ip.45.185.31.0) | - | - | High
|
||||
89 | [45.187.48.0](https://vuldb.com/?ip.45.187.48.0) | - | - | High
|
||||
90 | [45.189.119.0](https://vuldb.com/?ip.45.189.119.0) | - | - | High
|
||||
91 | [45.191.0.0](https://vuldb.com/?ip.45.191.0.0) | 0.0.191.45.host.as64114.com | - | High
|
||||
92 | [45.224.186.0](https://vuldb.com/?ip.45.224.186.0) | - | - | High
|
||||
93 | [45.225.224.0](https://vuldb.com/?ip.45.225.224.0) | - | - | High
|
||||
94 | [45.226.112.0](https://vuldb.com/?ip.45.226.112.0) | - | - | High
|
||||
95 | [45.226.186.0](https://vuldb.com/?ip.45.226.186.0) | - | - | High
|
||||
96 | [45.227.5.0](https://vuldb.com/?ip.45.227.5.0) | - | - | High
|
||||
97 | [45.227.88.0](https://vuldb.com/?ip.45.227.88.0) | - | - | High
|
||||
98 | [45.229.72.0](https://vuldb.com/?ip.45.229.72.0) | - | - | High
|
||||
99 | [45.229.192.0](https://vuldb.com/?ip.45.229.192.0) | - | - | High
|
||||
100 | [45.230.33.0](https://vuldb.com/?ip.45.230.33.0) | - | - | High
|
||||
101 | [45.231.184.0](https://vuldb.com/?ip.45.231.184.0) | - | - | High
|
||||
102 | [45.233.4.0](https://vuldb.com/?ip.45.233.4.0) | - | - | High
|
||||
103 | [45.233.72.0](https://vuldb.com/?ip.45.233.72.0) | - | - | High
|
||||
104 | [45.233.168.0](https://vuldb.com/?ip.45.233.168.0) | - | - | High
|
||||
105 | [45.235.40.0](https://vuldb.com/?ip.45.235.40.0) | - | - | High
|
||||
106 | [45.237.36.0](https://vuldb.com/?ip.45.237.36.0) | - | - | High
|
||||
107 | [45.238.144.0](https://vuldb.com/?ip.45.238.144.0) | - | - | High
|
||||
108 | [45.238.180.0](https://vuldb.com/?ip.45.238.180.0) | - | - | High
|
||||
109 | [45.238.196.0](https://vuldb.com/?ip.45.238.196.0) | - | - | High
|
||||
110 | [45.239.88.0](https://vuldb.com/?ip.45.239.88.0) | - | - | High
|
||||
111 | [45.239.115.0](https://vuldb.com/?ip.45.239.115.0) | - | - | High
|
||||
112 | [57.74.192.0](https://vuldb.com/?ip.57.74.192.0) | - | - | High
|
||||
113 | [63.163.180.0](https://vuldb.com/?ip.63.163.180.0) | - | - | High
|
||||
114 | [63.168.93.0](https://vuldb.com/?ip.63.168.93.0) | - | - | High
|
||||
115 | [63.174.200.0](https://vuldb.com/?ip.63.174.200.0) | - | - | High
|
||||
116 | [63.245.96.0](https://vuldb.com/?ip.63.245.96.0) | - | - | High
|
||||
117 | [64.76.48.0](https://vuldb.com/?ip.64.76.48.0) | - | - | High
|
||||
118 | [64.76.56.0](https://vuldb.com/?ip.64.76.56.0) | - | - | High
|
||||
119 | [64.76.80.0](https://vuldb.com/?ip.64.76.80.0) | - | - | High
|
||||
120 | [64.76.90.0](https://vuldb.com/?ip.64.76.90.0) | - | - | High
|
||||
121 | [64.76.112.0](https://vuldb.com/?ip.64.76.112.0) | c6476112-0.dynamic.impsat.com.co | - | High
|
||||
122 | [64.76.188.0](https://vuldb.com/?ip.64.76.188.0) | - | - | High
|
||||
123 | [64.76.208.0](https://vuldb.com/?ip.64.76.208.0) | - | - | High
|
||||
124 | [64.140.143.128](https://vuldb.com/?ip.64.140.143.128) | - | - | High
|
||||
125 | [65.167.48.0](https://vuldb.com/?ip.65.167.48.0) | - | - | High
|
||||
126 | [65.167.80.0](https://vuldb.com/?ip.65.167.80.0) | - | - | High
|
||||
127 | [65.168.52.0](https://vuldb.com/?ip.65.168.52.0) | - | - | High
|
||||
128 | [65.208.64.0](https://vuldb.com/?ip.65.208.64.0) | - | - | High
|
||||
129 | [66.231.64.0](https://vuldb.com/?ip.66.231.64.0) | host-66-231-64-0.telecu.es | - | High
|
||||
130 | [66.231.68.0](https://vuldb.com/?ip.66.231.68.0) | - | - | High
|
||||
131 | [67.73.184.0](https://vuldb.com/?ip.67.73.184.0) | - | - | High
|
||||
132 | [67.73.224.0](https://vuldb.com/?ip.67.73.224.0) | - | - | High
|
||||
133 | [67.73.240.0](https://vuldb.com/?ip.67.73.240.0) | - | - | High
|
||||
134 | [67.73.248.0](https://vuldb.com/?ip.67.73.248.0) | - | - | High
|
||||
135 | [67.73.252.0](https://vuldb.com/?ip.67.73.252.0) | - | - | High
|
||||
136 | [69.174.45.32](https://vuldb.com/?ip.69.174.45.32) | ns1648.ztomy.com | - | High
|
||||
137 | [69.195.211.0](https://vuldb.com/?ip.69.195.211.0) | - | - | High
|
||||
138 | [70.35.156.0](https://vuldb.com/?ip.70.35.156.0) | - | - | High
|
||||
139 | [81.173.106.120](https://vuldb.com/?ip.81.173.106.120) | - | - | High
|
||||
140 | [82.195.173.245](https://vuldb.com/?ip.82.195.173.245) | - | - | High
|
||||
141 | [91.195.110.0](https://vuldb.com/?ip.91.195.110.0) | - | - | High
|
||||
142 | [104.132.160.0](https://vuldb.com/?ip.104.132.160.0) | - | - | High
|
||||
143 | [104.166.117.0](https://vuldb.com/?ip.104.166.117.0) | - | - | High
|
||||
144 | [104.224.35.0](https://vuldb.com/?ip.104.224.35.0) | - | - | High
|
||||
145 | [107.180.148.0](https://vuldb.com/?ip.107.180.148.0) | - | - | High
|
||||
146 | [107.180.152.0](https://vuldb.com/?ip.107.180.152.0) | - | - | High
|
||||
147 | [116.206.49.0](https://vuldb.com/?ip.116.206.49.0) | - | - | High
|
||||
148 | [128.90.108.0](https://vuldb.com/?ip.128.90.108.0) | undefined.hostname.localhost | - | High
|
||||
149 | [128.90.115.0](https://vuldb.com/?ip.128.90.115.0) | undefined.hostname.localhost | - | High
|
||||
150 | [131.0.136.0](https://vuldb.com/?ip.131.0.136.0) | - | - | High
|
||||
151 | [131.0.168.0](https://vuldb.com/?ip.131.0.168.0) | - | - | High
|
||||
152 | [131.100.1.0](https://vuldb.com/?ip.131.100.1.0) | - | - | High
|
||||
153 | [131.108.168.0](https://vuldb.com/?ip.131.108.168.0) | dsl-emcali-131.108.168.0.emcali.net.co | - | High
|
||||
154 | [131.196.208.0](https://vuldb.com/?ip.131.196.208.0) | - | - | High
|
||||
155 | [131.221.40.0](https://vuldb.com/?ip.131.221.40.0) | - | - | High
|
||||
156 | [132.255.20.0](https://vuldb.com/?ip.132.255.20.0) | 132255200.ip73.static.mediacommerce.com.co | - | High
|
||||
157 | [136.228.226.0](https://vuldb.com/?ip.136.228.226.0) | - | - | High
|
||||
158 | [138.0.40.0](https://vuldb.com/?ip.138.0.40.0) | - | - | High
|
||||
159 | [138.0.88.0](https://vuldb.com/?ip.138.0.88.0) | - | - | High
|
||||
160 | [138.0.116.0](https://vuldb.com/?ip.138.0.116.0) | azteca-comunicaciones.com | - | High
|
||||
161 | [138.36.64.0](https://vuldb.com/?ip.138.36.64.0) | - | - | High
|
||||
162 | ... | ... | ... | ...
|
||||
1 | [4.33.232.0](https://vuldb.com/?ip.4.33.232.0) | - | - | High
|
||||
2 | [5.8.46.128](https://vuldb.com/?ip.5.8.46.128) | - | - | High
|
||||
3 | [5.62.56.60](https://vuldb.com/?ip.5.62.56.60) | r-60-56-62-5.consumer-pool.prcdn.net | - | High
|
||||
4 | [5.62.58.56](https://vuldb.com/?ip.5.62.58.56) | r-56-58-62-5.consumer-pool.prcdn.net | - | High
|
||||
5 | [5.182.120.0](https://vuldb.com/?ip.5.182.120.0) | - | - | High
|
||||
6 | [8.242.128.0](https://vuldb.com/?ip.8.242.128.0) | - | - | High
|
||||
7 | [8.242.142.0](https://vuldb.com/?ip.8.242.142.0) | - | - | High
|
||||
8 | [8.242.208.0](https://vuldb.com/?ip.8.242.208.0) | - | - | High
|
||||
9 | [8.243.64.0](https://vuldb.com/?ip.8.243.64.0) | - | - | High
|
||||
10 | [8.243.160.0](https://vuldb.com/?ip.8.243.160.0) | - | - | High
|
||||
11 | [13.227.5.0](https://vuldb.com/?ip.13.227.5.0) | server-13-227-5-0.bog50.r.cloudfront.net | - | High
|
||||
12 | [13.227.6.0](https://vuldb.com/?ip.13.227.6.0) | server-13-227-6-0.bog50.r.cloudfront.net | - | High
|
||||
13 | [13.227.16.0](https://vuldb.com/?ip.13.227.16.0) | server-13-227-16-0.bog50.r.cloudfront.net | - | High
|
||||
14 | [13.227.20.0](https://vuldb.com/?ip.13.227.20.0) | server-13-227-20-0.bog50.r.cloudfront.net | - | High
|
||||
15 | [13.227.24.0](https://vuldb.com/?ip.13.227.24.0) | server-13-227-24-0.bog50.r.cloudfront.net | - | High
|
||||
16 | [17.45.148.0](https://vuldb.com/?ip.17.45.148.0) | - | - | High
|
||||
17 | [17.45.170.111](https://vuldb.com/?ip.17.45.170.111) | - | - | High
|
||||
18 | [23.7.0.0](https://vuldb.com/?ip.23.7.0.0) | a23-7-0-0.deploy.static.akamaitechnologies.com | - | High
|
||||
19 | [23.7.64.0](https://vuldb.com/?ip.23.7.64.0) | a23-7-64-0.deploy.static.akamaitechnologies.com | - | High
|
||||
20 | [23.7.144.0](https://vuldb.com/?ip.23.7.144.0) | a23-7-144-0.deploy.static.akamaitechnologies.com | - | High
|
||||
21 | [23.9.48.0](https://vuldb.com/?ip.23.9.48.0) | a23-9-48-0.deploy.static.akamaitechnologies.com | - | High
|
||||
22 | [23.14.16.0](https://vuldb.com/?ip.23.14.16.0) | a23-14-16-0.deploy.static.akamaitechnologies.com | - | High
|
||||
23 | [23.14.32.0](https://vuldb.com/?ip.23.14.32.0) | a23-14-32-0.deploy.static.akamaitechnologies.com | - | High
|
||||
24 | [23.14.48.0](https://vuldb.com/?ip.23.14.48.0) | a23-14-48-0.deploy.static.akamaitechnologies.com | - | High
|
||||
25 | [23.14.80.0](https://vuldb.com/?ip.23.14.80.0) | a23-14-80-0.deploy.static.akamaitechnologies.com | - | High
|
||||
26 | [23.32.192.0](https://vuldb.com/?ip.23.32.192.0) | a23-32-192-0.deploy.static.akamaitechnologies.com | - | High
|
||||
27 | [23.32.208.0](https://vuldb.com/?ip.23.32.208.0) | a23-32-208-0.deploy.static.akamaitechnologies.com | - | High
|
||||
28 | [23.36.184.0](https://vuldb.com/?ip.23.36.184.0) | a23-36-184-0.deploy.static.akamaitechnologies.com | - | High
|
||||
29 | [23.46.2.0](https://vuldb.com/?ip.23.46.2.0) | a23-46-2-0.deploy.static.akamaitechnologies.com | - | High
|
||||
30 | [23.46.192.0](https://vuldb.com/?ip.23.46.192.0) | a23-46-192-0.deploy.static.akamaitechnologies.com | - | High
|
||||
31 | [23.52.112.0](https://vuldb.com/?ip.23.52.112.0) | a23-52-112-0.deploy.static.akamaitechnologies.com | - | High
|
||||
32 | [23.56.64.0](https://vuldb.com/?ip.23.56.64.0) | a23-56-64-0.deploy.static.akamaitechnologies.com | - | High
|
||||
33 | [23.61.2.0](https://vuldb.com/?ip.23.61.2.0) | a23-61-2-0.deploy.static.akamaitechnologies.com | - | High
|
||||
34 | [23.61.245.0](https://vuldb.com/?ip.23.61.245.0) | a23-61-245-0.deploy.static.akamaitechnologies.com | - | High
|
||||
35 | [23.61.247.0](https://vuldb.com/?ip.23.61.247.0) | a23-61-247-0.deploy.static.akamaitechnologies.com | - | High
|
||||
36 | [23.67.16.0](https://vuldb.com/?ip.23.67.16.0) | a23-67-16-0.deploy.static.akamaitechnologies.com | - | High
|
||||
37 | [23.213.192.0](https://vuldb.com/?ip.23.213.192.0) | a23-213-192-0.deploy.static.akamaitechnologies.com | - | High
|
||||
38 | [23.213.202.0](https://vuldb.com/?ip.23.213.202.0) | a23-213-202-0.deploy.static.akamaitechnologies.com | - | High
|
||||
39 | [23.219.48.0](https://vuldb.com/?ip.23.219.48.0) | a23-219-48-0.deploy.static.akamaitechnologies.com | - | High
|
||||
40 | [23.220.64.0](https://vuldb.com/?ip.23.220.64.0) | a23-220-64-0.deploy.static.akamaitechnologies.com | - | High
|
||||
41 | [23.232.253.0](https://vuldb.com/?ip.23.232.253.0) | - | - | High
|
||||
42 | [23.235.44.0](https://vuldb.com/?ip.23.235.44.0) | - | - | High
|
||||
43 | [24.152.56.0](https://vuldb.com/?ip.24.152.56.0) | - | - | High
|
||||
44 | [24.152.58.0](https://vuldb.com/?ip.24.152.58.0) | - | - | High
|
||||
45 | [32.59.72.0](https://vuldb.com/?ip.32.59.72.0) | - | - | High
|
||||
46 | [32.59.144.0](https://vuldb.com/?ip.32.59.144.0) | - | - | High
|
||||
47 | [32.59.147.0](https://vuldb.com/?ip.32.59.147.0) | - | - | High
|
||||
48 | [34.100.24.0](https://vuldb.com/?ip.34.100.24.0) | 0.24.100.34.bc.googleusercontent.com | - | Medium
|
||||
49 | [34.100.56.0](https://vuldb.com/?ip.34.100.56.0) | 0.56.100.34.bc.googleusercontent.com | - | Medium
|
||||
50 | [38.10.180.0](https://vuldb.com/?ip.38.10.180.0) | - | - | High
|
||||
51 | [38.229.54.0](https://vuldb.com/?ip.38.229.54.0) | - | - | High
|
||||
52 | [45.5.160.0](https://vuldb.com/?ip.45.5.160.0) | - | - | High
|
||||
53 | [45.5.172.0](https://vuldb.com/?ip.45.5.172.0) | - | - | High
|
||||
54 | [45.5.180.0](https://vuldb.com/?ip.45.5.180.0) | - | - | High
|
||||
55 | [45.5.184.0](https://vuldb.com/?ip.45.5.184.0) | - | - | High
|
||||
56 | [45.7.132.0](https://vuldb.com/?ip.45.7.132.0) | 45-7-132-0.ims-ipv4.com | - | High
|
||||
57 | [45.12.70.49](https://vuldb.com/?ip.45.12.70.49) | files-clock.get-eye.com | - | High
|
||||
58 | [45.12.71.49](https://vuldb.com/?ip.45.12.71.49) | - | - | High
|
||||
59 | [45.65.136.0](https://vuldb.com/?ip.45.65.136.0) | - | - | High
|
||||
60 | [45.65.200.0](https://vuldb.com/?ip.45.65.200.0) | - | - | High
|
||||
61 | [45.65.232.0](https://vuldb.com/?ip.45.65.232.0) | - | - | High
|
||||
62 | [45.70.168.0](https://vuldb.com/?ip.45.70.168.0) | - | - | High
|
||||
63 | [45.71.7.0](https://vuldb.com/?ip.45.71.7.0) | - | - | High
|
||||
64 | [45.71.180.0](https://vuldb.com/?ip.45.71.180.0) | - | - | High
|
||||
65 | [45.87.11.0](https://vuldb.com/?ip.45.87.11.0) | - | - | High
|
||||
66 | [45.87.117.0](https://vuldb.com/?ip.45.87.117.0) | - | - | High
|
||||
67 | [45.129.32.0](https://vuldb.com/?ip.45.129.32.0) | - | - | High
|
||||
68 | [45.131.162.0](https://vuldb.com/?ip.45.131.162.0) | - | - | High
|
||||
69 | [45.144.227.0](https://vuldb.com/?ip.45.144.227.0) | - | - | High
|
||||
70 | [45.162.0.0](https://vuldb.com/?ip.45.162.0.0) | - | - | High
|
||||
71 | [45.162.76.0](https://vuldb.com/?ip.45.162.76.0) | - | - | High
|
||||
72 | [45.162.82.0](https://vuldb.com/?ip.45.162.82.0) | 0-82-162-45.static-col.wifaocolombia.com | - | High
|
||||
73 | [45.162.84.0](https://vuldb.com/?ip.45.162.84.0) | 0-84-162-45.static-col.wifaocolombia.com | - | High
|
||||
74 | [45.162.126.0](https://vuldb.com/?ip.45.162.126.0) | - | - | High
|
||||
75 | [45.163.0.0](https://vuldb.com/?ip.45.163.0.0) | - | - | High
|
||||
76 | [45.163.28.0](https://vuldb.com/?ip.45.163.28.0) | - | - | High
|
||||
77 | [45.163.30.0](https://vuldb.com/?ip.45.163.30.0) | - | - | High
|
||||
78 | [45.167.124.0](https://vuldb.com/?ip.45.167.124.0) | - | - | High
|
||||
79 | [45.167.126.0](https://vuldb.com/?ip.45.167.126.0) | - | - | High
|
||||
80 | [45.167.248.0](https://vuldb.com/?ip.45.167.248.0) | - | - | High
|
||||
81 | [45.168.104.0](https://vuldb.com/?ip.45.168.104.0) | - | - | High
|
||||
82 | [45.169.98.0](https://vuldb.com/?ip.45.169.98.0) | rede-45.169.98.netcomunicaciones.com | - | High
|
||||
83 | [45.169.253.0](https://vuldb.com/?ip.45.169.253.0) | - | - | High
|
||||
84 | [45.170.124.0](https://vuldb.com/?ip.45.170.124.0) | - | - | High
|
||||
85 | [45.170.132.0](https://vuldb.com/?ip.45.170.132.0) | - | - | High
|
||||
86 | [45.170.240.0](https://vuldb.com/?ip.45.170.240.0) | - | - | High
|
||||
87 | [45.171.118.0](https://vuldb.com/?ip.45.171.118.0) | - | - | High
|
||||
88 | [45.171.180.0](https://vuldb.com/?ip.45.171.180.0) | - | - | High
|
||||
89 | [45.172.178.0](https://vuldb.com/?ip.45.172.178.0) | - | - | High
|
||||
90 | [45.172.184.0](https://vuldb.com/?ip.45.172.184.0) | - | - | High
|
||||
91 | [45.172.218.0](https://vuldb.com/?ip.45.172.218.0) | - | - | High
|
||||
92 | [45.172.222.0](https://vuldb.com/?ip.45.172.222.0) | - | - | High
|
||||
93 | [45.173.0.0](https://vuldb.com/?ip.45.173.0.0) | - | - | High
|
||||
94 | [45.173.4.0](https://vuldb.com/?ip.45.173.4.0) | 45-173-4-0.ims-ipv4.com | - | High
|
||||
95 | [45.173.8.0](https://vuldb.com/?ip.45.173.8.0) | mymnetworks.com | - | High
|
||||
96 | [45.173.12.0](https://vuldb.com/?ip.45.173.12.0) | - | - | High
|
||||
97 | [45.173.14.0](https://vuldb.com/?ip.45.173.14.0) | 45-173-14-0.tvisla.net.co | - | High
|
||||
98 | [45.173.44.0](https://vuldb.com/?ip.45.173.44.0) | 45-173-44-0.tvisla.net.co | - | High
|
||||
99 | [45.173.68.0](https://vuldb.com/?ip.45.173.68.0) | - | - | High
|
||||
100 | [45.174.196.0](https://vuldb.com/?ip.45.174.196.0) | - | - | High
|
||||
101 | [45.174.224.0](https://vuldb.com/?ip.45.174.224.0) | - | - | High
|
||||
102 | [45.174.227.0](https://vuldb.com/?ip.45.174.227.0) | - | - | High
|
||||
103 | [45.175.20.0](https://vuldb.com/?ip.45.175.20.0) | - | - | High
|
||||
104 | [45.175.139.0](https://vuldb.com/?ip.45.175.139.0) | - | - | High
|
||||
105 | [45.176.70.0](https://vuldb.com/?ip.45.176.70.0) | - | - | High
|
||||
106 | [45.176.193.0](https://vuldb.com/?ip.45.176.193.0) | - | - | High
|
||||
107 | [45.176.232.0](https://vuldb.com/?ip.45.176.232.0) | - | - | High
|
||||
108 | [45.177.52.0](https://vuldb.com/?ip.45.177.52.0) | - | - | High
|
||||
109 | [45.177.54.0](https://vuldb.com/?ip.45.177.54.0) | - | - | High
|
||||
110 | [45.177.108.0](https://vuldb.com/?ip.45.177.108.0) | 45-177-108-0.ims-ipv4.com | - | High
|
||||
111 | [45.178.4.0](https://vuldb.com/?ip.45.178.4.0) | hostedby.packetbunker.com | - | High
|
||||
112 | [45.178.12.0](https://vuldb.com/?ip.45.178.12.0) | - | - | High
|
||||
113 | [45.178.64.0](https://vuldb.com/?ip.45.178.64.0) | - | - | High
|
||||
114 | [45.179.160.0](https://vuldb.com/?ip.45.179.160.0) | - | - | High
|
||||
115 | [45.179.200.0](https://vuldb.com/?ip.45.179.200.0) | - | - | High
|
||||
116 | [45.179.244.0](https://vuldb.com/?ip.45.179.244.0) | - | - | High
|
||||
117 | [45.180.22.0](https://vuldb.com/?ip.45.180.22.0) | - | - | High
|
||||
118 | [45.180.44.0](https://vuldb.com/?ip.45.180.44.0) | - | - | High
|
||||
119 | [45.180.82.0](https://vuldb.com/?ip.45.180.82.0) | - | - | High
|
||||
120 | [45.180.112.0](https://vuldb.com/?ip.45.180.112.0) | - | - | High
|
||||
121 | [45.181.156.0](https://vuldb.com/?ip.45.181.156.0) | 45-181-156-0.odatacolocation.com.br | - | High
|
||||
122 | [45.181.188.0](https://vuldb.com/?ip.45.181.188.0) | - | - | High
|
||||
123 | [45.181.204.0](https://vuldb.com/?ip.45.181.204.0) | - | - | High
|
||||
124 | [45.182.41.0](https://vuldb.com/?ip.45.182.41.0) | - | - | High
|
||||
125 | [45.182.190.0](https://vuldb.com/?ip.45.182.190.0) | - | - | High
|
||||
126 | [45.183.40.0](https://vuldb.com/?ip.45.183.40.0) | - | - | High
|
||||
127 | [45.183.196.0](https://vuldb.com/?ip.45.183.196.0) | - | - | High
|
||||
128 | [45.183.247.0](https://vuldb.com/?ip.45.183.247.0) | 0.247.183.45.static.luma.cloud | - | High
|
||||
129 | [45.185.31.0](https://vuldb.com/?ip.45.185.31.0) | - | - | High
|
||||
130 | [45.187.48.0](https://vuldb.com/?ip.45.187.48.0) | - | - | High
|
||||
131 | [45.189.119.0](https://vuldb.com/?ip.45.189.119.0) | - | - | High
|
||||
132 | [45.189.235.0](https://vuldb.com/?ip.45.189.235.0) | 0.235.189.45.inttercom.net.co | - | High
|
||||
133 | [45.190.86.0](https://vuldb.com/?ip.45.190.86.0) | - | - | High
|
||||
134 | [45.191.0.0](https://vuldb.com/?ip.45.191.0.0) | 0.0.191.45.host.as64114.com | - | High
|
||||
135 | [45.191.2.0](https://vuldb.com/?ip.45.191.2.0) | 0.2.191.45.host.as64114.com | - | High
|
||||
136 | [45.191.44.0](https://vuldb.com/?ip.45.191.44.0) | - | - | High
|
||||
137 | [45.191.74.0](https://vuldb.com/?ip.45.191.74.0) | - | - | High
|
||||
138 | [45.191.232.0](https://vuldb.com/?ip.45.191.232.0) | - | - | High
|
||||
139 | [45.224.186.0](https://vuldb.com/?ip.45.224.186.0) | - | - | High
|
||||
140 | [45.225.224.0](https://vuldb.com/?ip.45.225.224.0) | - | - | High
|
||||
141 | [45.225.226.0](https://vuldb.com/?ip.45.225.226.0) | - | - | High
|
||||
142 | [45.226.112.0](https://vuldb.com/?ip.45.226.112.0) | - | - | High
|
||||
143 | [45.226.186.0](https://vuldb.com/?ip.45.226.186.0) | - | - | High
|
||||
144 | [45.227.5.0](https://vuldb.com/?ip.45.227.5.0) | - | - | High
|
||||
145 | [45.227.88.0](https://vuldb.com/?ip.45.227.88.0) | - | - | High
|
||||
146 | [45.229.72.0](https://vuldb.com/?ip.45.229.72.0) | - | - | High
|
||||
147 | [45.229.192.0](https://vuldb.com/?ip.45.229.192.0) | - | - | High
|
||||
148 | [45.230.33.0](https://vuldb.com/?ip.45.230.33.0) | - | - | High
|
||||
149 | [45.231.184.0](https://vuldb.com/?ip.45.231.184.0) | - | - | High
|
||||
150 | [45.233.4.0](https://vuldb.com/?ip.45.233.4.0) | - | - | High
|
||||
151 | [45.233.72.0](https://vuldb.com/?ip.45.233.72.0) | - | - | High
|
||||
152 | [45.233.168.0](https://vuldb.com/?ip.45.233.168.0) | - | - | High
|
||||
153 | [45.235.40.0](https://vuldb.com/?ip.45.235.40.0) | - | - | High
|
||||
154 | [45.237.36.0](https://vuldb.com/?ip.45.237.36.0) | - | - | High
|
||||
155 | [45.238.144.0](https://vuldb.com/?ip.45.238.144.0) | - | - | High
|
||||
156 | [45.238.180.0](https://vuldb.com/?ip.45.238.180.0) | - | - | High
|
||||
157 | [45.238.196.0](https://vuldb.com/?ip.45.238.196.0) | - | - | High
|
||||
158 | [45.239.88.0](https://vuldb.com/?ip.45.239.88.0) | - | - | High
|
||||
159 | [45.239.115.0](https://vuldb.com/?ip.45.239.115.0) | - | - | High
|
||||
160 | [50.7.48.0](https://vuldb.com/?ip.50.7.48.0) | - | - | High
|
||||
161 | [57.74.192.0](https://vuldb.com/?ip.57.74.192.0) | - | - | High
|
||||
162 | [63.163.180.0](https://vuldb.com/?ip.63.163.180.0) | - | - | High
|
||||
163 | [63.168.93.0](https://vuldb.com/?ip.63.168.93.0) | - | - | High
|
||||
164 | [63.174.200.0](https://vuldb.com/?ip.63.174.200.0) | - | - | High
|
||||
165 | [63.222.128.0](https://vuldb.com/?ip.63.222.128.0) | - | - | High
|
||||
166 | [63.245.64.0](https://vuldb.com/?ip.63.245.64.0) | - | - | High
|
||||
167 | [63.245.80.0](https://vuldb.com/?ip.63.245.80.0) | - | - | High
|
||||
168 | [63.245.96.0](https://vuldb.com/?ip.63.245.96.0) | - | - | High
|
||||
169 | [64.76.48.0](https://vuldb.com/?ip.64.76.48.0) | - | - | High
|
||||
170 | [64.76.56.0](https://vuldb.com/?ip.64.76.56.0) | - | - | High
|
||||
171 | [64.76.80.0](https://vuldb.com/?ip.64.76.80.0) | - | - | High
|
||||
172 | [64.76.88.0](https://vuldb.com/?ip.64.76.88.0) | - | - | High
|
||||
173 | [64.76.90.0](https://vuldb.com/?ip.64.76.90.0) | - | - | High
|
||||
174 | [64.76.112.0](https://vuldb.com/?ip.64.76.112.0) | c6476112-0.dynamic.impsat.com.co | - | High
|
||||
175 | [64.76.184.0](https://vuldb.com/?ip.64.76.184.0) | - | - | High
|
||||
176 | [64.76.188.0](https://vuldb.com/?ip.64.76.188.0) | - | - | High
|
||||
177 | [64.76.208.0](https://vuldb.com/?ip.64.76.208.0) | - | - | High
|
||||
178 | [64.86.224.0](https://vuldb.com/?ip.64.86.224.0) | - | - | High
|
||||
179 | [64.140.143.128](https://vuldb.com/?ip.64.140.143.128) | - | - | High
|
||||
180 | [64.191.220.0](https://vuldb.com/?ip.64.191.220.0) | - | - | High
|
||||
181 | [64.252.186.0](https://vuldb.com/?ip.64.252.186.0) | server-64-252-186-0.bog50.r.cloudfront.net | - | High
|
||||
182 | [65.167.48.0](https://vuldb.com/?ip.65.167.48.0) | - | - | High
|
||||
183 | [65.167.80.0](https://vuldb.com/?ip.65.167.80.0) | - | - | High
|
||||
184 | [65.168.52.0](https://vuldb.com/?ip.65.168.52.0) | - | - | High
|
||||
185 | [65.199.244.0](https://vuldb.com/?ip.65.199.244.0) | - | - | High
|
||||
186 | [65.208.64.0](https://vuldb.com/?ip.65.208.64.0) | - | - | High
|
||||
187 | [65.243.120.0](https://vuldb.com/?ip.65.243.120.0) | - | - | High
|
||||
188 | [65.247.206.0](https://vuldb.com/?ip.65.247.206.0) | - | - | High
|
||||
189 | [65.247.240.0](https://vuldb.com/?ip.65.247.240.0) | - | - | High
|
||||
190 | [65.247.244.0](https://vuldb.com/?ip.65.247.244.0) | - | - | High
|
||||
191 | [66.90.66.0](https://vuldb.com/?ip.66.90.66.0) | - | - | High
|
||||
192 | [66.90.82.0](https://vuldb.com/?ip.66.90.82.0) | - | - | High
|
||||
193 | [66.205.0.0](https://vuldb.com/?ip.66.205.0.0) | - | - | High
|
||||
194 | [66.231.64.0](https://vuldb.com/?ip.66.231.64.0) | host-66-231-64-0.telecu.es | - | High
|
||||
195 | [66.231.68.0](https://vuldb.com/?ip.66.231.68.0) | - | - | High
|
||||
196 | [67.73.152.0](https://vuldb.com/?ip.67.73.152.0) | - | - | High
|
||||
197 | [67.73.184.0](https://vuldb.com/?ip.67.73.184.0) | - | - | High
|
||||
198 | [67.73.224.0](https://vuldb.com/?ip.67.73.224.0) | - | - | High
|
||||
199 | [67.73.240.0](https://vuldb.com/?ip.67.73.240.0) | - | - | High
|
||||
200 | [67.73.248.0](https://vuldb.com/?ip.67.73.248.0) | - | - | High
|
||||
201 | [67.73.252.0](https://vuldb.com/?ip.67.73.252.0) | - | - | High
|
||||
202 | [69.42.114.0](https://vuldb.com/?ip.69.42.114.0) | - | - | High
|
||||
203 | [69.174.45.32](https://vuldb.com/?ip.69.174.45.32) | ns1648.ztomy.com | - | High
|
||||
204 | [69.195.210.0](https://vuldb.com/?ip.69.195.210.0) | - | - | High
|
||||
205 | [69.195.211.0](https://vuldb.com/?ip.69.195.211.0) | - | - | High
|
||||
206 | [70.35.154.0](https://vuldb.com/?ip.70.35.154.0) | - | - | High
|
||||
207 | [70.35.156.0](https://vuldb.com/?ip.70.35.156.0) | - | - | High
|
||||
208 | [70.35.159.0](https://vuldb.com/?ip.70.35.159.0) | - | - | High
|
||||
209 | [72.46.230.0](https://vuldb.com/?ip.72.46.230.0) | - | - | High
|
||||
210 | [72.246.48.0](https://vuldb.com/?ip.72.246.48.0) | a72-246-48-0.deploy.static.akamaitechnologies.com | - | High
|
||||
211 | [72.246.208.0](https://vuldb.com/?ip.72.246.208.0) | a72-246-208-0.deploy.static.akamaitechnologies.com | - | High
|
||||
212 | [81.173.106.120](https://vuldb.com/?ip.81.173.106.120) | - | - | High
|
||||
213 | [82.195.173.245](https://vuldb.com/?ip.82.195.173.245) | - | - | High
|
||||
214 | [87.120.106.0](https://vuldb.com/?ip.87.120.106.0) | - | - | High
|
||||
215 | [89.249.56.0](https://vuldb.com/?ip.89.249.56.0) | - | - | High
|
||||
216 | [91.195.110.0](https://vuldb.com/?ip.91.195.110.0) | - | - | High
|
||||
217 | [92.122.210.0](https://vuldb.com/?ip.92.122.210.0) | a92-122-210-0.deploy.static.akamaitechnologies.com | - | High
|
||||
218 | [92.123.240.0](https://vuldb.com/?ip.92.123.240.0) | a92-123-240-0.deploy.static.akamaitechnologies.com | - | High
|
||||
219 | [95.100.87.0](https://vuldb.com/?ip.95.100.87.0) | a95-100-87-0.deploy.static.akamaitechnologies.com | - | High
|
||||
220 | [95.101.29.0](https://vuldb.com/?ip.95.101.29.0) | a95-101-29-0.deploy.static.akamaitechnologies.com | - | High
|
||||
221 | [96.7.0.0](https://vuldb.com/?ip.96.7.0.0) | a96-7-0-0.deploy.static.akamaitechnologies.com | - | High
|
||||
222 | [102.38.230.0](https://vuldb.com/?ip.102.38.230.0) | - | - | High
|
||||
223 | [104.75.170.0](https://vuldb.com/?ip.104.75.170.0) | a104-75-170-0.deploy.static.akamaitechnologies.com | - | High
|
||||
224 | [104.77.198.0](https://vuldb.com/?ip.104.77.198.0) | a104-77-198-0.deploy.static.akamaitechnologies.com | - | High
|
||||
225 | [104.77.200.0](https://vuldb.com/?ip.104.77.200.0) | a104-77-200-0.deploy.static.akamaitechnologies.com | - | High
|
||||
226 | ... | ... | ... | ...
|
||||
|
||||
There are 644 more IOC items available. Please use our online service to access the data.
|
||||
There are 902 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -192,11 +256,11 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | T1068 | CWE-250, CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
@ -213,68 +277,76 @@ ID | Type | Indicator | Confidence
|
|||
4 | File | `/admin/addemployee.php` | High
|
||||
5 | File | `/admin/api/admin/articles/` | High
|
||||
6 | File | `/Admin/login.php` | High
|
||||
7 | File | `/admin/showbad.php` | High
|
||||
8 | File | `/anony/mjpg.cgi` | High
|
||||
7 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
8 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
9 | File | `/apilog.php` | Medium
|
||||
10 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
11 | File | `/connectors/index.php` | High
|
||||
12 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
13 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
14 | File | `/forum/away.php` | High
|
||||
15 | File | `/hrm/employeeadd.php` | High
|
||||
16 | File | `/hrm/employeeview.php` | High
|
||||
17 | File | `/index.php` | Medium
|
||||
18 | File | `/items/view_item.php` | High
|
||||
19 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
20 | File | `/lookin/info` | Medium
|
||||
21 | File | `/manager/index.php` | High
|
||||
22 | File | `/medical/inventories.php` | High
|
||||
23 | File | `/mkshop/Men/profile.php` | High
|
||||
24 | File | `/mobile/downloadfile.aspx` | High
|
||||
25 | File | `/modules/profile/index.php` | High
|
||||
26 | File | `/modules/projects/vw_files.php` | High
|
||||
27 | File | `/modules/public/calendar.php` | High
|
||||
28 | File | `/net/nfc/netlink.c` | High
|
||||
29 | File | `/newsDia.php` | Medium
|
||||
30 | File | `/out.php` | Medium
|
||||
31 | File | `/outgoing.php` | High
|
||||
32 | File | `/proxy` | Low
|
||||
33 | File | `/public/launchNewWindow.jsp` | High
|
||||
34 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
35 | File | `/reports/rwservlet` | High
|
||||
36 | File | `/sacco_shield/manage_user.php` | High
|
||||
37 | File | `/spip.php` | Medium
|
||||
38 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
39 | File | `/staff/bookdetails.php` | High
|
||||
40 | File | `/staff/delete.php` | High
|
||||
41 | File | `/user/update_booking.php` | High
|
||||
42 | File | `/WEB-INF/web.xml` | High
|
||||
43 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
44 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
45 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
46 | File | `AbstractScheduleJob.java` | High
|
||||
47 | File | `actionphp/download.File.php` | High
|
||||
48 | File | `adclick.php` | Medium
|
||||
49 | File | `addtocart.asp` | High
|
||||
50 | File | `admin.jcomments.php` | High
|
||||
51 | File | `admin.php` | Medium
|
||||
52 | File | `admin/conf_users_edit.php` | High
|
||||
53 | File | `admin/panels/entry/admin.entry.list.php` | High
|
||||
54 | File | `admin/panels/uploader/admin.uploader.php` | High
|
||||
55 | File | `admincp.php` | Medium
|
||||
56 | File | `admincp/search.php?do=dosearch` | High
|
||||
57 | File | `administers` | Medium
|
||||
58 | File | `admin_feature.php` | High
|
||||
59 | File | `afr.php` | Low
|
||||
60 | ... | ... | ...
|
||||
10 | File | `/APR/login.php` | High
|
||||
11 | File | `/bin/httpd` | Medium
|
||||
12 | File | `/cgi-bin/wapopen` | High
|
||||
13 | File | `/cgi-bin/webadminget.cgi` | High
|
||||
14 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/connectors/index.php` | High
|
||||
16 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
17 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
18 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
21 | File | `/fos/admin/index.php?page=menu` | High
|
||||
22 | File | `/home/masterConsole` | High
|
||||
23 | File | `/home/sendBroadcast` | High
|
||||
24 | File | `/hrm/employeeadd.php` | High
|
||||
25 | File | `/hrm/employeeview.php` | High
|
||||
26 | File | `/index.php` | Medium
|
||||
27 | File | `/items/view_item.php` | High
|
||||
28 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
29 | File | `/lookin/info` | Medium
|
||||
30 | File | `/manager/index.php` | High
|
||||
31 | File | `/medical/inventories.php` | High
|
||||
32 | File | `/modules/profile/index.php` | High
|
||||
33 | File | `/modules/projects/vw_files.php` | High
|
||||
34 | File | `/modules/public/calendar.php` | High
|
||||
35 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
36 | File | `/net/nfc/netlink.c` | High
|
||||
37 | File | `/newsDia.php` | Medium
|
||||
38 | File | `/out.php` | Medium
|
||||
39 | File | `/php-fusion/infusions/shoutbox_panel/shoutbox_archive.php` | High
|
||||
40 | File | `/php-opos/index.php` | High
|
||||
41 | File | `/proxy` | Low
|
||||
42 | File | `/public/launchNewWindow.jsp` | High
|
||||
43 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
44 | File | `/reports/rwservlet` | High
|
||||
45 | File | `/sacco_shield/manage_user.php` | High
|
||||
46 | File | `/spip.php` | Medium
|
||||
47 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
48 | File | `/staff/bookdetails.php` | High
|
||||
49 | File | `/staff/delete.php` | High
|
||||
50 | File | `/uncpath/` | Medium
|
||||
51 | File | `/user/update_booking.php` | High
|
||||
52 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
53 | File | `/wireless/security.asp` | High
|
||||
54 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
55 | File | `01article.php` | High
|
||||
56 | File | `AbstractScheduleJob.java` | High
|
||||
57 | File | `actionphp/download.File.php` | High
|
||||
58 | File | `activenews_view.asp` | High
|
||||
59 | File | `adclick.php` | Medium
|
||||
60 | File | `addtocart.asp` | High
|
||||
61 | File | `admin.php` | Medium
|
||||
62 | File | `admin/?page=students/view_student` | High
|
||||
63 | File | `admin/abc.php` | High
|
||||
64 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
65 | File | `admin/admin/adminsave.html` | High
|
||||
66 | File | `admin/conf_users_edit.php` | High
|
||||
67 | ... | ... | ...
|
||||
|
||||
There are 525 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 590 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_co.netset
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_co.netset
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
@ -31,7 +31,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059.007 | CWE-79 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 5 more TTP items available. Please use our online service to access the data.
|
||||
There are 6 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -41,10 +41,10 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/index.php` | Medium
|
||||
2 | File | `/webhooks/aws` | High
|
||||
3 | File | `clearhistory.jsp` | High
|
||||
3 | File | `cgi-bin/awstats.pl` | High
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 20 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 22 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Comoros Unknown:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [FR](https://vuldb.com/?country.fr)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
There are 15 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -23,11 +23,12 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [5.62.60.96](https://vuldb.com/?ip.5.62.60.96) | r-96-60-62-5.consumer-pool.prcdn.net | - | High
|
||||
2 | [5.62.62.92](https://vuldb.com/?ip.5.62.62.92) | r-92-62-62-5.consumer-pool.prcdn.net | - | High
|
||||
3 | [41.194.33.0](https://vuldb.com/?ip.41.194.33.0) | - | - | High
|
||||
4 | [45.12.70.120](https://vuldb.com/?ip.45.12.70.120) | secon-mean.yourbandinc.com | - | High
|
||||
5 | ... | ... | ... | ...
|
||||
3 | [41.194.32.0](https://vuldb.com/?ip.41.194.32.0) | - | - | High
|
||||
4 | [41.194.33.0](https://vuldb.com/?ip.41.194.33.0) | - | - | High
|
||||
5 | [45.12.70.120](https://vuldb.com/?ip.45.12.70.120) | secon-mean.yourbandinc.com | - | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 14 more IOC items available. Please use our online service to access the data.
|
||||
There are 18 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -52,44 +53,46 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/acms/admin/cargo_types/manage_cargo_type.php` | High
|
||||
3 | File | `/admin/ajax/avatar.php` | High
|
||||
4 | File | `/admin/index.php` | High
|
||||
5 | File | `/admin/payment.php` | High
|
||||
6 | File | `/admin/show.php` | High
|
||||
7 | File | `/cgi-bin/kerbynet` | High
|
||||
8 | File | `/default.php?idx=17` | High
|
||||
9 | File | `/download` | Medium
|
||||
10 | File | `/forum/away.php` | High
|
||||
11 | File | `/index.php` | Medium
|
||||
12 | File | `/opt/bin/cli` | Medium
|
||||
13 | File | `/p` | Low
|
||||
14 | File | `/patient/doctors.php` | High
|
||||
15 | File | `/phpinventory/editcategory.php` | High
|
||||
16 | File | `/product-list.php` | High
|
||||
17 | File | `/spip.php` | Medium
|
||||
18 | File | `/uncpath/` | Medium
|
||||
19 | File | `/updown/upload.cgi` | High
|
||||
20 | File | `/user/del.php` | High
|
||||
21 | File | `/_next` | Low
|
||||
22 | File | `123flashchat.php` | High
|
||||
23 | File | `act.php` | Low
|
||||
24 | File | `admin/bad.php` | High
|
||||
25 | File | `admin/index.php` | High
|
||||
26 | File | `admin/index.php/user/del/1` | High
|
||||
27 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
28 | File | `administrator/index.php` | High
|
||||
29 | File | `ajax/render/widget_php` | High
|
||||
30 | File | `album_portal.php` | High
|
||||
31 | File | `api.php` | Low
|
||||
32 | File | `application/home/controller/debug.php` | High
|
||||
33 | File | `articulo.php` | Medium
|
||||
34 | ... | ... | ...
|
||||
5 | File | `/admin/lab.php` | High
|
||||
6 | File | `/admin/payment.php` | High
|
||||
7 | File | `/admin/show.php` | High
|
||||
8 | File | `/cgi-bin/kerbynet` | High
|
||||
9 | File | `/default.php?idx=17` | High
|
||||
10 | File | `/download` | Medium
|
||||
11 | File | `/forum/away.php` | High
|
||||
12 | File | `/index.php` | Medium
|
||||
13 | File | `/opt/bin/cli` | Medium
|
||||
14 | File | `/p` | Low
|
||||
15 | File | `/patient/doctors.php` | High
|
||||
16 | File | `/phpinventory/editcategory.php` | High
|
||||
17 | File | `/product-list.php` | High
|
||||
18 | File | `/spip.php` | Medium
|
||||
19 | File | `/uncpath/` | Medium
|
||||
20 | File | `/updown/upload.cgi` | High
|
||||
21 | File | `/user/del.php` | High
|
||||
22 | File | `/_next` | Low
|
||||
23 | File | `123flashchat.php` | High
|
||||
24 | File | `act.php` | Low
|
||||
25 | File | `admin/bad.php` | High
|
||||
26 | File | `admin/index.php` | High
|
||||
27 | File | `admin/index.php/user/del/1` | High
|
||||
28 | File | `admin/index.php?id=themes&action=edit_chunk` | High
|
||||
29 | File | `administrator/index.php` | High
|
||||
30 | File | `ajax/render/widget_php` | High
|
||||
31 | File | `album_portal.php` | High
|
||||
32 | File | `api.php` | Low
|
||||
33 | File | `application/home/controller/debug.php` | High
|
||||
34 | File | `articulo.php` | Medium
|
||||
35 | ... | ... | ...
|
||||
|
||||
There are 291 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 298 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_km.netset
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_km.netset
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
@ -63,66 +63,68 @@ ID | Type | Indicator | Confidence
|
|||
1 | File | `.github/workflows/combine-prs.yml` | High
|
||||
2 | File | `/Admin/add-student.php` | High
|
||||
3 | File | `/admin/api/admin/articles/` | High
|
||||
4 | File | `/admin/conferences/list/` | High
|
||||
5 | File | `/Admin/login.php` | High
|
||||
6 | File | `/admin/showbad.php` | High
|
||||
7 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
8 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
9 | File | `/apilog.php` | Medium
|
||||
10 | File | `/APR/login.php` | High
|
||||
11 | File | `/bin/httpd` | Medium
|
||||
12 | File | `/cgi-bin/wapopen` | High
|
||||
13 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
14 | File | `/connectors/index.php` | High
|
||||
15 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
16 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
17 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
18 | File | `/forum/away.php` | High
|
||||
19 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
20 | File | `/fos/admin/index.php?page=menu` | High
|
||||
21 | File | `/home/masterConsole` | High
|
||||
22 | File | `/home/sendBroadcast` | High
|
||||
23 | File | `/hrm/employeeadd.php` | High
|
||||
24 | File | `/hrm/employeeview.php` | High
|
||||
25 | File | `/index.php` | Medium
|
||||
26 | File | `/items/view_item.php` | High
|
||||
27 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
28 | File | `/lookin/info` | Medium
|
||||
29 | File | `/manager/index.php` | High
|
||||
30 | File | `/medical/inventories.php` | High
|
||||
31 | File | `/modules/profile/index.php` | High
|
||||
32 | File | `/modules/projects/vw_files.php` | High
|
||||
33 | File | `/modules/public/calendar.php` | High
|
||||
34 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
35 | File | `/newsDia.php` | Medium
|
||||
36 | File | `/out.php` | Medium
|
||||
37 | File | `/php-opos/index.php` | High
|
||||
38 | File | `/proxy` | Low
|
||||
39 | File | `/public/launchNewWindow.jsp` | High
|
||||
40 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
41 | File | `/reports/rwservlet` | High
|
||||
42 | File | `/sacco_shield/manage_user.php` | High
|
||||
43 | File | `/spip.php` | Medium
|
||||
44 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
45 | File | `/staff/bookdetails.php` | High
|
||||
46 | File | `/uncpath/` | Medium
|
||||
47 | File | `/user/update_booking.php` | High
|
||||
48 | File | `/WEB-INF/web.xml` | High
|
||||
49 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
50 | File | `/wireless/security.asp` | High
|
||||
51 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
52 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
53 | File | `01article.php` | High
|
||||
54 | File | `AbstractScheduleJob.java` | High
|
||||
55 | File | `actionphp/download.File.php` | High
|
||||
4 | File | `/Admin/login.php` | High
|
||||
5 | File | `/admin/showbad.php` | High
|
||||
6 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
7 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
8 | File | `/apilog.php` | Medium
|
||||
9 | File | `/APR/login.php` | High
|
||||
10 | File | `/bin/httpd` | Medium
|
||||
11 | File | `/cgi-bin/wapopen` | High
|
||||
12 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
13 | File | `/connectors/index.php` | High
|
||||
14 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
15 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
16 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
17 | File | `/forum/away.php` | High
|
||||
18 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
19 | File | `/fos/admin/index.php?page=menu` | High
|
||||
20 | File | `/home/masterConsole` | High
|
||||
21 | File | `/home/sendBroadcast` | High
|
||||
22 | File | `/hrm/employeeadd.php` | High
|
||||
23 | File | `/hrm/employeeview.php` | High
|
||||
24 | File | `/index.php` | Medium
|
||||
25 | File | `/items/view_item.php` | High
|
||||
26 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
27 | File | `/lookin/info` | Medium
|
||||
28 | File | `/manager/index.php` | High
|
||||
29 | File | `/medical/inventories.php` | High
|
||||
30 | File | `/modules/profile/index.php` | High
|
||||
31 | File | `/modules/projects/vw_files.php` | High
|
||||
32 | File | `/modules/public/calendar.php` | High
|
||||
33 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
34 | File | `/newsDia.php` | Medium
|
||||
35 | File | `/out.php` | Medium
|
||||
36 | File | `/php-opos/index.php` | High
|
||||
37 | File | `/proxy` | Low
|
||||
38 | File | `/public/launchNewWindow.jsp` | High
|
||||
39 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
40 | File | `/reports/rwservlet` | High
|
||||
41 | File | `/sacco_shield/manage_user.php` | High
|
||||
42 | File | `/spip.php` | Medium
|
||||
43 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
44 | File | `/staff/bookdetails.php` | High
|
||||
45 | File | `/uncpath/` | Medium
|
||||
46 | File | `/user/update_booking.php` | High
|
||||
47 | File | `/WEB-INF/web.xml` | High
|
||||
48 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
49 | File | `/wireless/security.asp` | High
|
||||
50 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
51 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
52 | File | `01article.php` | High
|
||||
53 | File | `AbstractScheduleJob.java` | High
|
||||
54 | File | `actionphp/download.File.php` | High
|
||||
55 | File | `activenews_view.asp` | High
|
||||
56 | File | `adclick.php` | Medium
|
||||
57 | File | `addtocart.asp` | High
|
||||
58 | File | `admin.php` | Medium
|
||||
59 | File | `admin/abc.php` | High
|
||||
60 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
61 | ... | ... | ...
|
||||
61 | File | `admin/admin/adminsave.html` | High
|
||||
62 | File | `admin/conf_users_edit.php` | High
|
||||
63 | ... | ... | ...
|
||||
|
||||
There are 531 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 553 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -8,12 +8,8 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Congo Republic Unknown:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [FR](https://vuldb.com/?country.fr)
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* ...
|
||||
|
||||
There are 17 more country items available. Please use our online service to access the data.
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -23,16 +19,36 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [5.62.61.100](https://vuldb.com/?ip.5.62.61.100) | r-100-61-62-5.consumer-pool.prcdn.net | - | High
|
||||
2 | [5.62.63.76](https://vuldb.com/?ip.5.62.63.76) | r-76-63-62-5.consumer-pool.prcdn.net | - | High
|
||||
3 | [41.75.64.0](https://vuldb.com/?ip.41.75.64.0) | - | - | High
|
||||
4 | [41.190.72.0](https://vuldb.com/?ip.41.190.72.0) | - | - | High
|
||||
5 | [41.194.71.0](https://vuldb.com/?ip.41.194.71.0) | - | - | High
|
||||
6 | [41.194.74.0](https://vuldb.com/?ip.41.194.74.0) | - | - | High
|
||||
7 | [41.207.121.0](https://vuldb.com/?ip.41.207.121.0) | - | - | High
|
||||
8 | [41.207.125.0](https://vuldb.com/?ip.41.207.125.0) | - | - | High
|
||||
9 | [41.223.88.0](https://vuldb.com/?ip.41.223.88.0) | - | - | High
|
||||
10 | ... | ... | ... | ...
|
||||
3 | [5.175.77.0](https://vuldb.com/?ip.5.175.77.0) | - | - | High
|
||||
4 | [31.209.128.0](https://vuldb.com/?ip.31.209.128.0) | 0.128.209.31.as43256.net | - | High
|
||||
5 | [31.209.130.0](https://vuldb.com/?ip.31.209.130.0) | 0.130.209.31.as43256.net | - | High
|
||||
6 | [31.209.132.0](https://vuldb.com/?ip.31.209.132.0) | 0.132.209.31.as43256.net | - | High
|
||||
7 | [41.60.24.0](https://vuldb.com/?ip.41.60.24.0) | - | - | High
|
||||
8 | [41.60.212.0](https://vuldb.com/?ip.41.60.212.0) | - | - | High
|
||||
9 | [41.75.64.0](https://vuldb.com/?ip.41.75.64.0) | - | - | High
|
||||
10 | [41.77.220.0](https://vuldb.com/?ip.41.77.220.0) | - | - | High
|
||||
11 | [41.78.192.0](https://vuldb.com/?ip.41.78.192.0) | - | - | High
|
||||
12 | [41.79.232.0](https://vuldb.com/?ip.41.79.232.0) | - | - | High
|
||||
13 | [41.79.234.0](https://vuldb.com/?ip.41.79.234.0) | - | - | High
|
||||
14 | [41.189.192.0](https://vuldb.com/?ip.41.189.192.0) | - | - | High
|
||||
15 | [41.190.72.0](https://vuldb.com/?ip.41.190.72.0) | - | - | High
|
||||
16 | [41.190.80.0](https://vuldb.com/?ip.41.190.80.0) | - | - | High
|
||||
17 | [41.190.232.0](https://vuldb.com/?ip.41.190.232.0) | - | - | High
|
||||
18 | [41.194.60.0](https://vuldb.com/?ip.41.194.60.0) | - | - | High
|
||||
19 | [41.194.71.0](https://vuldb.com/?ip.41.194.71.0) | - | - | High
|
||||
20 | [41.194.74.0](https://vuldb.com/?ip.41.194.74.0) | - | - | High
|
||||
21 | [41.197.47.0](https://vuldb.com/?ip.41.197.47.0) | - | - | High
|
||||
22 | [41.207.115.0](https://vuldb.com/?ip.41.207.115.0) | - | - | High
|
||||
23 | [41.207.121.0](https://vuldb.com/?ip.41.207.121.0) | - | - | High
|
||||
24 | [41.207.125.0](https://vuldb.com/?ip.41.207.125.0) | - | - | High
|
||||
25 | [41.215.252.0](https://vuldb.com/?ip.41.215.252.0) | - | - | High
|
||||
26 | [41.218.109.0](https://vuldb.com/?ip.41.218.109.0) | - | - | High
|
||||
27 | [41.221.218.0](https://vuldb.com/?ip.41.221.218.0) | - | - | High
|
||||
28 | [41.222.196.0](https://vuldb.com/?ip.41.222.196.0) | 0-196-222-41.r.airtel.cd | - | High
|
||||
29 | [41.222.216.0](https://vuldb.com/?ip.41.222.216.0) | - | - | High
|
||||
30 | ... | ... | ... | ...
|
||||
|
||||
There are 36 more IOC items available. Please use our online service to access the data.
|
||||
There are 117 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -40,59 +56,16 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Congo Republic Unknown. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.htaccess` | Medium
|
||||
2 | File | `/+CSCOE+/logon.html` | High
|
||||
3 | File | `/acms/admin/cargo_types/view_cargo_type.php` | High
|
||||
4 | File | `/admin/addemployee.php` | High
|
||||
5 | File | `/admin/index.php` | High
|
||||
6 | File | `/apilog.php` | Medium
|
||||
7 | File | `/appliance/users?action=edit` | High
|
||||
8 | File | `/filemanager/upload.php` | High
|
||||
9 | File | `/forum/away.php` | High
|
||||
10 | File | `/if.cgi` | Low
|
||||
11 | File | `/mifs/c/i/reg/reg.html` | High
|
||||
12 | File | `/modules/profile/index.php` | High
|
||||
13 | File | `/news.dtl.php` | High
|
||||
14 | File | `/php_action/createUser.php` | High
|
||||
15 | File | `/see_more_details.php` | High
|
||||
16 | File | `/services/details.asp` | High
|
||||
17 | File | `/setup` | Low
|
||||
18 | File | `/spip.php` | Medium
|
||||
19 | File | `/uncpath/` | Medium
|
||||
20 | File | `/var/log/nginx` | High
|
||||
21 | File | `/VPortal/mgtconsole/Subscriptions.jsp` | High
|
||||
22 | File | `/wp-content/plugins/updraftplus/admin.php` | High
|
||||
23 | File | `act.php` | Low
|
||||
24 | File | `adclick.php` | Medium
|
||||
25 | File | `admin` | Low
|
||||
26 | File | `admin.php` | Medium
|
||||
27 | File | `admin/adminsignin.html` | High
|
||||
28 | File | `admin/movieview.php` | High
|
||||
29 | File | `admin/notices/perso.inc.php` | High
|
||||
30 | File | `admin/versions.html` | High
|
||||
31 | ... | ... | ...
|
||||
|
||||
There are 261 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
1 | T1068 | CWE-264 | Execution with Unnecessary Privileges | High
|
||||
2 | T1552 | CWE-640 | ASP.NET Misconfiguration: Password in Configuration File | High
|
||||
3 | T1592 | CWE-200 | Configuration | High
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_cg.netset
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_cd.netset
|
||||
|
||||
## Literature
|
||||
|
||||
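Review bot: The Congo Republic profile appears to mix two country codes: its References section cites `country_cg.netset` from geolite2 but `ip2location_country_cd.netset` from ip2location, and the enlarged IOC table has row 28, `41.222.196.0`, with the hostname `0-196-222-41.r.airtel.cd`. CG is the Republic of the Congo and CD is the Democratic Republic of the Congo, so some of the ranges added here (the remaining-items count goes from 36 to 117) may belong to the other profile. The rendering has lost the +/- markers, so which rows are new is inferred from print order only. Anyone feeding this table into geo-based detection or blocking would inherit the misattribution. I would either replace the `ip2location_country_cd.netset` reference with the CG set from the same source and regenerate the table, or move the CD-derived rows to the DR Congo file.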
|
|
|
@ -525,13 +525,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
There are 21 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -546,42 +546,42 @@ ID | Type | Indicator | Confidence
|
|||
5 | File | `/admin/add-new.php` | High
|
||||
6 | File | `/admin/doctors.php` | High
|
||||
7 | File | `/admin/submit-articles` | High
|
||||
8 | File | `/admin/subnets/ripe-query.php` | High
|
||||
9 | File | `/alphaware/summary.php` | High
|
||||
8 | File | `/alphaware/summary.php` | High
|
||||
9 | File | `/api/` | Low
|
||||
10 | File | `/appliance/users?action=edit` | High
|
||||
11 | File | `/apply.cgi` | Medium
|
||||
12 | File | `/attachments` | Medium
|
||||
13 | File | `/backup.pl` | Medium
|
||||
14 | File | `/boat/login.php` | High
|
||||
15 | File | `/bsms_ci/index.php/book` | High
|
||||
16 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
17 | File | `/debug/pprof` | Medium
|
||||
18 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
19 | File | `/edoc/doctor/patient.php` | High
|
||||
20 | File | `/etc/hosts` | Medium
|
||||
21 | File | `/etc/ldap.conf` | High
|
||||
22 | File | `/etc/quagga` | Medium
|
||||
23 | File | `/etc/shadow` | Medium
|
||||
24 | File | `/event/admin/?page=user/list` | High
|
||||
25 | File | `/foms/place-order.php` | High
|
||||
26 | File | `/forum/away.php` | High
|
||||
27 | File | `/h/calendar` | Medium
|
||||
28 | File | `/hardware` | Medium
|
||||
29 | File | `/index.php` | Medium
|
||||
30 | File | `/medicines/profile.php` | High
|
||||
31 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
32 | File | `/out.php` | Medium
|
||||
33 | File | `/php-scrm/login.php` | High
|
||||
34 | File | `/proxy` | Low
|
||||
35 | File | `/reservation/add_message.php` | High
|
||||
36 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
37 | File | `/spip.php` | Medium
|
||||
38 | File | `/tmp` | Low
|
||||
39 | File | `/uncpath/` | Medium
|
||||
40 | File | `/user/loader.php?api=1` | High
|
||||
41 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
42 | File | `/video-sharing-script/watch-video.php` | High
|
||||
43 | File | `/wp-admin/admin-ajax.php` | High
|
||||
16 | File | `/debug/pprof` | Medium
|
||||
17 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
18 | File | `/edoc/doctor/patient.php` | High
|
||||
19 | File | `/etc/hosts` | Medium
|
||||
20 | File | `/etc/ldap.conf` | High
|
||||
21 | File | `/etc/quagga` | Medium
|
||||
22 | File | `/etc/shadow` | Medium
|
||||
23 | File | `/event/admin/?page=user/list` | High
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/hardware` | Medium
|
||||
26 | File | `/index.php` | Medium
|
||||
27 | File | `/medicines/profile.php` | High
|
||||
28 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
29 | File | `/out.php` | Medium
|
||||
30 | File | `/php-scrm/login.php` | High
|
||||
31 | File | `/proxy` | Low
|
||||
32 | File | `/reservation/add_message.php` | High
|
||||
33 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
34 | File | `/Session` | Medium
|
||||
35 | File | `/spip.php` | Medium
|
||||
36 | File | `/tmp` | Low
|
||||
37 | File | `/uncpath/` | Medium
|
||||
38 | File | `/user/loader.php?api=1` | High
|
||||
39 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
40 | File | `/video-sharing-script/watch-video.php` | High
|
||||
41 | File | `/wireless/security.asp` | High
|
||||
42 | File | `/wp-admin/admin-ajax.php` | High
|
||||
43 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
44 | ... | ... | ...
|
||||
|
||||
There are 381 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
|
|
@ -23,10 +23,10 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [5.62.56.64](https://vuldb.com/?ip.5.62.56.64) | r-64-56-62-5.consumer-pool.prcdn.net | - | High
|
||||
2 | [5.62.58.60](https://vuldb.com/?ip.5.62.58.60) | r-60-58-62-5.consumer-pool.prcdn.net | - | High
|
||||
3 | [45.12.70.45](https://vuldb.com/?ip.45.12.70.45) | earns.get-eye.com | - | High
|
||||
3 | [14.137.40.0](https://vuldb.com/?ip.14.137.40.0) | - | - | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 9 more IOC items available. Please use our online service to access the data.
|
||||
There are 10 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -91,16 +91,17 @@ ID | Type | Indicator | Confidence
|
|||
41 | File | `admin/param/param_func.inc.php` | High
|
||||
42 | File | `admin/y_admin.asp` | High
|
||||
43 | File | `adminer.php` | Medium
|
||||
44 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
45 | File | `admin_ok.asp` | Medium
|
||||
46 | File | `app/Core/Paginator.php` | High
|
||||
47 | File | `app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1` | High
|
||||
48 | File | `artlinks.dispnew.php` | High
|
||||
49 | File | `auth.php` | Medium
|
||||
50 | File | `bin/named/query.c` | High
|
||||
51 | File | `blank.php` | Medium
|
||||
52 | File | `blocklayered-ajax.php` | High
|
||||
53 | ... | ... | ...
|
||||
44 | File | `administration/admins.php` | High
|
||||
45 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
46 | File | `admin_ok.asp` | Medium
|
||||
47 | File | `app/Core/Paginator.php` | High
|
||||
48 | File | `app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1` | High
|
||||
49 | File | `artlinks.dispnew.php` | High
|
||||
50 | File | `auth.php` | Medium
|
||||
51 | File | `bin/named/query.c` | High
|
||||
52 | File | `blank.php` | Medium
|
||||
53 | File | `blocklayered-ajax.php` | High
|
||||
54 | ... | ... | ...
|
||||
|
||||
There are 466 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
|
@ -109,6 +110,7 @@ There are 466 more IOA items available (file, library, argument, input value, pa
|
|||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_ck.netset
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_ck.netset
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [VN](https://vuldb.com/?country.vn)
|
||||
* ...
|
||||
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -154,14 +154,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-28 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
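Review bot: Row 4 of this TTP table, kept as context, still pairs `T1059 | CWE-94, CWE-1321` with the description `Cross Site Scripting`, which matches neither weakness: CWE-94 is code injection and CWE-1321 is prototype pollution, while XSS is CWE-79/CWE-80, the pair on the `T1059.007` row that this hunk appears to drop from the visible table. Anyone mapping these rows to detections by description would file code-injection activity under XSS. I would change the row to `4 | T1059 | CWE-94, CWE-1321 | Code Injection | High`; the same label is on row 4 of the `@ -91,7 +113,7 @@` hunk and on row 1 of the new CrimsonRAT table. If this text is generated upstream, the fix probably belongs in the generator rather than in this file.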
|
@ -170,51 +169,55 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/action/wirelessConnect` | High
|
||||
3 | File | `/admin/upload/upload` | High
|
||||
4 | File | `/attachments` | Medium
|
||||
5 | File | `/bsms_ci/index.php/book` | High
|
||||
6 | File | `/cgi-bin/DownloadFlash` | High
|
||||
7 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
8 | File | `/config/getuser` | High
|
||||
9 | File | `/debug/pprof` | Medium
|
||||
10 | File | `/etc/hosts` | Medium
|
||||
11 | File | `/example/editor` | High
|
||||
12 | File | `/forum/away.php` | High
|
||||
13 | File | `/HNAP1` | Low
|
||||
14 | File | `/index` | Low
|
||||
15 | File | `/iu-application/controllers/administration/auth.php` | High
|
||||
16 | File | `/Kofax/KFS/ThinClient/document/upload/` | High
|
||||
17 | File | `/medicines/profile.php` | High
|
||||
18 | File | `/obs/book.php` | High
|
||||
19 | File | `/ossn/administrator/com_installer` | High
|
||||
20 | File | `/pms/update_user.php?user_id=1` | High
|
||||
21 | File | `/sre/params.php` | High
|
||||
22 | File | `/tensorflow/core/grappler/optimizers/arithmetic_optimizer.cc` | High
|
||||
23 | File | `/tmp` | Low
|
||||
24 | File | `/tmp/xbindkeysrc-tmp` | High
|
||||
25 | File | `/user/upload/upload` | High
|
||||
26 | File | `/Users` | Low
|
||||
27 | File | `/var/spool/hylafax` | High
|
||||
28 | File | `/vendor` | Low
|
||||
29 | File | `access_rules/rules_form` | High
|
||||
30 | File | `accountrecoveryendpoint/recoverpassword.do` | High
|
||||
31 | File | `action/addproject.php` | High
|
||||
32 | File | `adclick.php` | Medium
|
||||
33 | File | `add_contestant.php` | High
|
||||
34 | File | `admin.php` | Medium
|
||||
35 | File | `admin/ajax.attachment.php` | High
|
||||
36 | File | `admin/index.php` | High
|
||||
37 | File | `admin/make_payments.php` | High
|
||||
38 | File | `admin/sysCheckFile_deal.php` | High
|
||||
39 | File | `Advanced_ASUSDDNS_Content.asp` | High
|
||||
40 | File | `af_netlink.c` | Medium
|
||||
41 | File | `album_portal.php` | High
|
||||
42 | File | `and/or` | Low
|
||||
43 | File | `AppRestrictionsFragment.java` | High
|
||||
44 | ... | ... | ...
|
||||
2 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
3 | File | `/admin/?page=user/manage` | High
|
||||
4 | File | `/admin/add-new.php` | High
|
||||
5 | File | `/admin/doctors.php` | High
|
||||
6 | File | `/admin/upload/upload` | High
|
||||
7 | File | `/alphaware/summary.php` | High
|
||||
8 | File | `/boat/login.php` | High
|
||||
9 | File | `/bsms_ci/index.php/book` | High
|
||||
10 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
11 | File | `/config/getuser` | High
|
||||
12 | File | `/debug/pprof` | Medium
|
||||
13 | File | `/ecshop/admin/template.php` | High
|
||||
14 | File | `/forum/away.php` | High
|
||||
15 | File | `/forum/PostPrivateMessage` | High
|
||||
16 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
17 | File | `/Kofax/KFS/ThinClient/document/upload/` | High
|
||||
18 | File | `/medicines/profile.php` | High
|
||||
19 | File | `/net-banking/customer_transactions.php` | High
|
||||
20 | File | `/obs/book.php` | High
|
||||
21 | File | `/ossn/administrator/com_installer` | High
|
||||
22 | File | `/pms/update_user.php?user_id=1` | High
|
||||
23 | File | `/reservation/add_message.php` | High
|
||||
24 | File | `/spip.php` | Medium
|
||||
25 | File | `/sre/params.php` | High
|
||||
26 | File | `/tmp` | Low
|
||||
27 | File | `/user/upload/upload` | High
|
||||
28 | File | `/Users` | Low
|
||||
29 | File | `/var/spool/hylafax` | High
|
||||
30 | File | `/vendor` | Low
|
||||
31 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
32 | File | `/video-sharing-script/watch-video.php` | High
|
||||
33 | File | `accountrecoveryendpoint/recoverpassword.do` | High
|
||||
34 | File | `AcquisiAction.class.php` | High
|
||||
35 | File | `action/addproject.php` | High
|
||||
36 | File | `adclick.php` | Medium
|
||||
37 | File | `add_contestant.php` | High
|
||||
38 | File | `admin.php` | Medium
|
||||
39 | File | `admin/add_payment.php` | High
|
||||
40 | File | `admin/conf_users_edit.php` | High
|
||||
41 | File | `admin/disapprove_user.php` | High
|
||||
42 | File | `admin/fecalysis_form.php` | High
|
||||
43 | File | `admin/forget_password.php` | High
|
||||
44 | File | `admin/index.php` | High
|
||||
45 | File | `admin/make_payments.php` | High
|
||||
46 | File | `admin/posts.php?source=add_post` | High
|
||||
47 | File | `admin/sysCheckFile_deal.php` | High
|
||||
48 | ... | ... | ...
|
||||
|
||||
There are 380 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 417 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -19,7 +19,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [PL](https://vuldb.com/?country.pl)
|
||||
* ...
|
||||
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -111,7 +111,7 @@ ID | Type | Indicator | Confidence
|
|||
40 | File | `/release-x64/otfccdump+0x6e412a` | High
|
||||
41 | ... | ... | ...
|
||||
|
||||
There are 357 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 358 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -21,69 +21,91 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
|
|||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [5.62.56.68](https://vuldb.com/?ip.5.62.56.68) | r-68-56-62-5.consumer-pool.prcdn.net | - | High
|
||||
2 | [5.62.58.64](https://vuldb.com/?ip.5.62.58.64) | r-64-58-62-5.consumer-pool.prcdn.net | - | High
|
||||
3 | [8.243.240.0](https://vuldb.com/?ip.8.243.240.0) | - | - | High
|
||||
4 | [23.229.109.0](https://vuldb.com/?ip.23.229.109.0) | - | - | High
|
||||
5 | [34.99.96.0](https://vuldb.com/?ip.34.99.96.0) | 0.96.99.34.bc.googleusercontent.com | - | Medium
|
||||
6 | [34.99.116.0](https://vuldb.com/?ip.34.99.116.0) | 0.116.99.34.bc.googleusercontent.com | - | Medium
|
||||
7 | [37.35.105.204](https://vuldb.com/?ip.37.35.105.204) | global8.peakmont-dynamics.com | - | High
|
||||
8 | [38.87.253.0](https://vuldb.com/?ip.38.87.253.0) | - | - | High
|
||||
9 | [45.5.60.0](https://vuldb.com/?ip.45.5.60.0) | - | - | High
|
||||
10 | [45.7.140.0](https://vuldb.com/?ip.45.7.140.0) | - | - | High
|
||||
11 | [45.12.70.50](https://vuldb.com/?ip.45.12.70.50) | inflect.get-eye.com | - | High
|
||||
12 | [45.12.71.50](https://vuldb.com/?ip.45.12.71.50) | - | - | High
|
||||
13 | [45.130.72.0](https://vuldb.com/?ip.45.130.72.0) | - | - | High
|
||||
14 | [45.160.132.0](https://vuldb.com/?ip.45.160.132.0) | - | - | High
|
||||
15 | [45.162.204.0](https://vuldb.com/?ip.45.162.204.0) | - | - | High
|
||||
16 | [45.163.136.0](https://vuldb.com/?ip.45.163.136.0) | - | - | High
|
||||
17 | [45.167.17.0](https://vuldb.com/?ip.45.167.17.0) | - | - | High
|
||||
18 | [45.167.196.0](https://vuldb.com/?ip.45.167.196.0) | - | - | High
|
||||
19 | [45.168.196.0](https://vuldb.com/?ip.45.168.196.0) | - | - | High
|
||||
20 | [45.182.43.0](https://vuldb.com/?ip.45.182.43.0) | - | - | High
|
||||
21 | [45.185.43.0](https://vuldb.com/?ip.45.185.43.0) | - | - | High
|
||||
22 | [45.188.128.0](https://vuldb.com/?ip.45.188.128.0) | - | - | High
|
||||
23 | [45.224.202.0](https://vuldb.com/?ip.45.224.202.0) | - | - | High
|
||||
24 | [45.226.64.0](https://vuldb.com/?ip.45.226.64.0) | - | - | High
|
||||
25 | [45.227.200.0](https://vuldb.com/?ip.45.227.200.0) | - | - | High
|
||||
26 | [45.229.151.0](https://vuldb.com/?ip.45.229.151.0) | - | - | High
|
||||
27 | [45.229.246.0](https://vuldb.com/?ip.45.229.246.0) | - | - | High
|
||||
28 | [45.229.252.0](https://vuldb.com/?ip.45.229.252.0) | - | - | High
|
||||
29 | [45.231.52.0](https://vuldb.com/?ip.45.231.52.0) | - | - | High
|
||||
30 | [45.232.116.0](https://vuldb.com/?ip.45.232.116.0) | - | - | High
|
||||
31 | [45.239.64.0](https://vuldb.com/?ip.45.239.64.0) | - | - | High
|
||||
32 | [46.166.172.16](https://vuldb.com/?ip.46.166.172.16) | - | - | High
|
||||
33 | [57.75.224.0](https://vuldb.com/?ip.57.75.224.0) | - | - | High
|
||||
34 | [64.47.3.226](https://vuldb.com/?ip.64.47.3.226) | - | - | High
|
||||
35 | [64.86.216.0](https://vuldb.com/?ip.64.86.216.0) | - | - | High
|
||||
36 | [64.212.113.64](https://vuldb.com/?ip.64.212.113.64) | - | - | High
|
||||
37 | [65.182.11.0](https://vuldb.com/?ip.65.182.11.0) | - | - | High
|
||||
38 | [65.182.12.0](https://vuldb.com/?ip.65.182.12.0) | - | - | High
|
||||
39 | [65.182.16.0](https://vuldb.com/?ip.65.182.16.0) | - | - | High
|
||||
40 | [65.182.24.0](https://vuldb.com/?ip.65.182.24.0) | - | - | High
|
||||
41 | [65.182.28.0](https://vuldb.com/?ip.65.182.28.0) | - | - | High
|
||||
42 | [65.182.30.0](https://vuldb.com/?ip.65.182.30.0) | - | - | High
|
||||
43 | [67.73.254.0](https://vuldb.com/?ip.67.73.254.0) | - | - | High
|
||||
44 | [81.92.26.232](https://vuldb.com/?ip.81.92.26.232) | - | - | High
|
||||
45 | [82.195.173.246](https://vuldb.com/?ip.82.195.173.246) | - | - | High
|
||||
46 | [91.188.200.0](https://vuldb.com/?ip.91.188.200.0) | - | - | High
|
||||
47 | [94.124.96.0](https://vuldb.com/?ip.94.124.96.0) | - | - | High
|
||||
48 | [104.207.89.0](https://vuldb.com/?ip.104.207.89.0) | - | - | High
|
||||
49 | [128.90.107.0](https://vuldb.com/?ip.128.90.107.0) | undefined.hostname.localhost | - | High
|
||||
50 | [128.90.114.0](https://vuldb.com/?ip.128.90.114.0) | undefined.hostname.localhost | - | High
|
||||
51 | [128.201.144.0](https://vuldb.com/?ip.128.201.144.0) | - | - | High
|
||||
52 | [131.0.72.0](https://vuldb.com/?ip.131.0.72.0) | - | - | High
|
||||
53 | [131.108.36.0](https://vuldb.com/?ip.131.108.36.0) | - | - | High
|
||||
54 | [131.196.32.0](https://vuldb.com/?ip.131.196.32.0) | - | - | High
|
||||
55 | [138.59.16.0](https://vuldb.com/?ip.138.59.16.0) | - | - | High
|
||||
56 | [138.59.132.0](https://vuldb.com/?ip.138.59.132.0) | - | - | High
|
||||
57 | [138.94.56.0](https://vuldb.com/?ip.138.94.56.0) | - | - | High
|
||||
58 | [138.118.80.0](https://vuldb.com/?ip.138.118.80.0) | - | - | High
|
||||
59 | [138.118.156.0](https://vuldb.com/?ip.138.118.156.0) | - | - | High
|
||||
60 | [138.121.140.0](https://vuldb.com/?ip.138.121.140.0) | - | - | High
|
||||
61 | ... | ... | ... | ...
|
||||
1 | [2.59.172.0](https://vuldb.com/?ip.2.59.172.0) | - | - | High
|
||||
2 | [5.62.56.68](https://vuldb.com/?ip.5.62.56.68) | r-68-56-62-5.consumer-pool.prcdn.net | - | High
|
||||
3 | [5.62.58.64](https://vuldb.com/?ip.5.62.58.64) | r-64-58-62-5.consumer-pool.prcdn.net | - | High
|
||||
4 | [8.242.196.0](https://vuldb.com/?ip.8.242.196.0) | - | - | High
|
||||
5 | [8.243.240.0](https://vuldb.com/?ip.8.243.240.0) | - | - | High
|
||||
6 | [23.15.244.0](https://vuldb.com/?ip.23.15.244.0) | a23-15-244-0.deploy.static.akamaitechnologies.com | - | High
|
||||
7 | [23.79.232.0](https://vuldb.com/?ip.23.79.232.0) | a23-79-232-0.deploy.static.akamaitechnologies.com | - | High
|
||||
8 | [23.229.109.0](https://vuldb.com/?ip.23.229.109.0) | - | - | High
|
||||
9 | [34.99.96.0](https://vuldb.com/?ip.34.99.96.0) | 0.96.99.34.bc.googleusercontent.com | - | Medium
|
||||
10 | [34.99.116.0](https://vuldb.com/?ip.34.99.116.0) | 0.116.99.34.bc.googleusercontent.com | - | Medium
|
||||
11 | [34.99.126.0](https://vuldb.com/?ip.34.99.126.0) | 0.126.99.34.bc.googleusercontent.com | - | Medium
|
||||
12 | [37.35.105.204](https://vuldb.com/?ip.37.35.105.204) | global8.peakmont-dynamics.com | - | High
|
||||
13 | [38.87.253.0](https://vuldb.com/?ip.38.87.253.0) | - | - | High
|
||||
14 | [45.5.60.0](https://vuldb.com/?ip.45.5.60.0) | - | - | High
|
||||
15 | [45.7.140.0](https://vuldb.com/?ip.45.7.140.0) | - | - | High
|
||||
16 | [45.12.70.50](https://vuldb.com/?ip.45.12.70.50) | inflect.get-eye.com | - | High
|
||||
17 | [45.12.71.50](https://vuldb.com/?ip.45.12.71.50) | - | - | High
|
||||
18 | [45.65.188.0](https://vuldb.com/?ip.45.65.188.0) | - | - | High
|
||||
19 | [45.77.194.0](https://vuldb.com/?ip.45.77.194.0) | - | - | High
|
||||
20 | [45.85.85.0](https://vuldb.com/?ip.45.85.85.0) | - | - | High
|
||||
21 | [45.85.86.0](https://vuldb.com/?ip.45.85.86.0) | - | - | High
|
||||
22 | [45.130.72.0](https://vuldb.com/?ip.45.130.72.0) | - | - | High
|
||||
23 | [45.160.132.0](https://vuldb.com/?ip.45.160.132.0) | - | - | High
|
||||
24 | [45.162.204.0](https://vuldb.com/?ip.45.162.204.0) | - | - | High
|
||||
25 | [45.163.136.0](https://vuldb.com/?ip.45.163.136.0) | - | - | High
|
||||
26 | [45.167.17.0](https://vuldb.com/?ip.45.167.17.0) | - | - | High
|
||||
27 | [45.167.196.0](https://vuldb.com/?ip.45.167.196.0) | - | - | High
|
||||
28 | [45.168.196.0](https://vuldb.com/?ip.45.168.196.0) | - | - | High
|
||||
29 | [45.182.43.0](https://vuldb.com/?ip.45.182.43.0) | - | - | High
|
||||
30 | [45.185.43.0](https://vuldb.com/?ip.45.185.43.0) | - | - | High
|
||||
31 | [45.185.129.0](https://vuldb.com/?ip.45.185.129.0) | - | - | High
|
||||
32 | [45.188.128.0](https://vuldb.com/?ip.45.188.128.0) | - | - | High
|
||||
33 | [45.188.216.0](https://vuldb.com/?ip.45.188.216.0) | - | - | High
|
||||
34 | [45.224.202.0](https://vuldb.com/?ip.45.224.202.0) | - | - | High
|
||||
35 | [45.226.64.0](https://vuldb.com/?ip.45.226.64.0) | - | - | High
|
||||
36 | [45.227.200.0](https://vuldb.com/?ip.45.227.200.0) | - | - | High
|
||||
37 | [45.229.151.0](https://vuldb.com/?ip.45.229.151.0) | - | - | High
|
||||
38 | [45.229.246.0](https://vuldb.com/?ip.45.229.246.0) | - | - | High
|
||||
39 | [45.229.252.0](https://vuldb.com/?ip.45.229.252.0) | - | - | High
|
||||
40 | [45.231.52.0](https://vuldb.com/?ip.45.231.52.0) | - | - | High
|
||||
41 | [45.232.116.0](https://vuldb.com/?ip.45.232.116.0) | - | - | High
|
||||
42 | [45.239.64.0](https://vuldb.com/?ip.45.239.64.0) | - | - | High
|
||||
43 | [46.166.172.16](https://vuldb.com/?ip.46.166.172.16) | - | - | High
|
||||
44 | [57.74.80.0](https://vuldb.com/?ip.57.74.80.0) | - | - | High
|
||||
45 | [57.75.224.0](https://vuldb.com/?ip.57.75.224.0) | - | - | High
|
||||
46 | [63.141.205.0](https://vuldb.com/?ip.63.141.205.0) | - | - | High
|
||||
47 | [64.47.3.226](https://vuldb.com/?ip.64.47.3.226) | - | - | High
|
||||
48 | [64.86.216.0](https://vuldb.com/?ip.64.86.216.0) | - | - | High
|
||||
49 | [64.212.113.64](https://vuldb.com/?ip.64.212.113.64) | - | - | High
|
||||
50 | [65.182.11.0](https://vuldb.com/?ip.65.182.11.0) | - | - | High
|
||||
51 | [65.182.12.0](https://vuldb.com/?ip.65.182.12.0) | - | - | High
|
||||
52 | [65.182.16.0](https://vuldb.com/?ip.65.182.16.0) | - | - | High
|
||||
53 | [65.182.24.0](https://vuldb.com/?ip.65.182.24.0) | - | - | High
|
||||
54 | [65.182.28.0](https://vuldb.com/?ip.65.182.28.0) | - | - | High
|
||||
55 | [65.182.30.0](https://vuldb.com/?ip.65.182.30.0) | - | - | High
|
||||
56 | [67.73.254.0](https://vuldb.com/?ip.67.73.254.0) | - | - | High
|
||||
57 | [69.25.4.0](https://vuldb.com/?ip.69.25.4.0) | - | - | High
|
||||
58 | [70.35.148.0](https://vuldb.com/?ip.70.35.148.0) | - | - | High
|
||||
59 | [77.243.92.0](https://vuldb.com/?ip.77.243.92.0) | - | - | High
|
||||
60 | [77.243.94.0](https://vuldb.com/?ip.77.243.94.0) | - | - | High
|
||||
61 | [81.92.26.232](https://vuldb.com/?ip.81.92.26.232) | - | - | High
|
||||
62 | [82.195.173.246](https://vuldb.com/?ip.82.195.173.246) | - | - | High
|
||||
63 | [91.188.200.0](https://vuldb.com/?ip.91.188.200.0) | - | - | High
|
||||
64 | [94.124.96.0](https://vuldb.com/?ip.94.124.96.0) | - | - | High
|
||||
65 | [102.38.232.0](https://vuldb.com/?ip.102.38.232.0) | - | - | High
|
||||
66 | [103.225.130.0](https://vuldb.com/?ip.103.225.130.0) | - | - | High
|
||||
67 | [104.97.180.0](https://vuldb.com/?ip.104.97.180.0) | a104-97-180-0.deploy.static.akamaitechnologies.com | - | High
|
||||
68 | [104.207.89.0](https://vuldb.com/?ip.104.207.89.0) | - | - | High
|
||||
69 | [128.90.107.0](https://vuldb.com/?ip.128.90.107.0) | undefined.hostname.localhost | - | High
|
||||
70 | [128.90.114.0](https://vuldb.com/?ip.128.90.114.0) | undefined.hostname.localhost | - | High
|
||||
71 | [128.201.144.0](https://vuldb.com/?ip.128.201.144.0) | - | - | High
|
||||
72 | [129.134.130.0](https://vuldb.com/?ip.129.134.130.0) | - | - | High
|
||||
73 | [131.0.72.0](https://vuldb.com/?ip.131.0.72.0) | - | - | High
|
||||
74 | [131.108.36.0](https://vuldb.com/?ip.131.108.36.0) | - | - | High
|
||||
75 | [131.196.32.0](https://vuldb.com/?ip.131.196.32.0) | - | - | High
|
||||
76 | [134.238.177.0](https://vuldb.com/?ip.134.238.177.0) | - | - | High
|
||||
77 | [134.238.178.0](https://vuldb.com/?ip.134.238.178.0) | - | - | High
|
||||
78 | [134.238.207.0](https://vuldb.com/?ip.134.238.207.0) | - | - | High
|
||||
79 | [138.59.16.0](https://vuldb.com/?ip.138.59.16.0) | - | - | High
|
||||
80 | [138.59.132.0](https://vuldb.com/?ip.138.59.132.0) | - | - | High
|
||||
81 | [138.94.56.0](https://vuldb.com/?ip.138.94.56.0) | - | - | High
|
||||
82 | [138.118.80.0](https://vuldb.com/?ip.138.118.80.0) | - | - | High
|
||||
83 | ... | ... | ... | ...
|
||||
|
||||
There are 241 more IOC items available. Please use our online service to access the data.
|
||||
There are 326 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
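Review bot: Many rows in this IOC table, including added ones such as `45.65.188.0` and `134.238.177.0`, end in `.0` and read as network blocks rather than single hosts. The References section of the same file cites only the firehol `geolite2_country` and `ip2location_country` netsets, so these look like country geolocation ranges rather than observed actor infrastructure. Listing them with Confidence `High` under "known to be part of research and attack activities" invites consumers to block or alert on whole ISP and CDN ranges; several of the new rows resolve to `deploy.static.akamaitechnologies.com`. I would add a line under the table such as `Entries ending in .0 are netblocks taken from the country lists under References; treat them as geolocation context, not as host-level indicators.` The table also omits the prefix length, so a reader cannot tell how large each range is.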
|
@ -91,7 +113,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
|
@ -107,74 +129,77 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.github/workflows/combine-prs.yml` | High
|
||||
2 | File | `.htaccess` | Medium
|
||||
3 | File | `/Admin/add-student.php` | High
|
||||
4 | File | `/admin/api/admin/articles/` | High
|
||||
5 | File | `/admin/conferences/list/` | High
|
||||
6 | File | `/admin/edit_admin_details.php?id=admin` | High
|
||||
7 | File | `/admin/generalsettings.php` | High
|
||||
8 | File | `/Admin/login.php` | High
|
||||
9 | File | `/admin/payment.php` | High
|
||||
10 | File | `/admin/reports.php` | High
|
||||
11 | File | `/admin/showbad.php` | High
|
||||
12 | File | `/admin_page/all-files-update-ajax.php` | High
|
||||
13 | File | `/apilog.php` | Medium
|
||||
14 | File | `/cgi-bin/kerbynet` | High
|
||||
15 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
16 | File | `/connectors/index.php` | High
|
||||
17 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
18 | File | `/dms/admin/reports/daily_collection_report.php` | High
|
||||
19 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
20 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
21 | File | `/forum/away.php` | High
|
||||
22 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
23 | File | `/fos/admin/index.php?page=menu` | High
|
||||
24 | File | `/hrm/employeeadd.php` | High
|
||||
25 | File | `/hrm/employeeview.php` | High
|
||||
26 | File | `/index.php` | Medium
|
||||
27 | File | `/Items/*/RemoteImages/Download` | High
|
||||
28 | File | `/items/view_item.php` | High
|
||||
29 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
30 | File | `/lists/admin/` | High
|
||||
31 | File | `/lookin/info` | Medium
|
||||
32 | File | `/MagickCore/image.c` | High
|
||||
33 | File | `/manager/index.php` | High
|
||||
34 | File | `/medical/inventories.php` | High
|
||||
35 | File | `/modules/profile/index.php` | High
|
||||
36 | File | `/modules/projects/vw_files.php` | High
|
||||
37 | File | `/modules/public/calendar.php` | High
|
||||
38 | File | `/newsDia.php` | Medium
|
||||
39 | File | `/out.php` | Medium
|
||||
40 | File | `/proxy` | Low
|
||||
41 | File | `/public/launchNewWindow.jsp` | High
|
||||
42 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
43 | File | `/reports/rwservlet` | High
|
||||
44 | File | `/sacco_shield/manage_user.php` | High
|
||||
45 | File | `/spip.php` | Medium
|
||||
46 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
47 | File | `/staff/bookdetails.php` | High
|
||||
48 | File | `/TeleoptiWFM/Administration/GetOneTenant` | High
|
||||
49 | File | `/user/update_booking.php` | High
|
||||
50 | File | `/WEB-INF/web.xml` | High
|
||||
51 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
52 | File | `/Wedding-Management/package_detail.php` | High
|
||||
53 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
54 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
55 | File | `01article.php` | High
|
||||
56 | File | `AbstractScheduleJob.java` | High
|
||||
57 | File | `actionphp/download.File.php` | High
|
||||
58 | File | `AdClass.php` | Medium
|
||||
59 | File | `adclick.php` | Medium
|
||||
60 | File | `addtocart.asp` | High
|
||||
61 | ... | ... | ...
|
||||
2 | File | `/Admin/add-student.php` | High
|
||||
3 | File | `/admin/api/admin/articles/` | High
|
||||
4 | File | `/Admin/login.php` | High
|
||||
5 | File | `/admin/showbad.php` | High
|
||||
6 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
7 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
8 | File | `/apilog.php` | Medium
|
||||
9 | File | `/APR/login.php` | High
|
||||
10 | File | `/bin/httpd` | Medium
|
||||
11 | File | `/cgi-bin/wapopen` | High
|
||||
12 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
13 | File | `/connectors/index.php` | High
|
||||
14 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
15 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
16 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
17 | File | `/forum/away.php` | High
|
||||
18 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
19 | File | `/fos/admin/index.php?page=menu` | High
|
||||
20 | File | `/home/masterConsole` | High
|
||||
21 | File | `/home/sendBroadcast` | High
|
||||
22 | File | `/hrm/employeeadd.php` | High
|
||||
23 | File | `/hrm/employeeview.php` | High
|
||||
24 | File | `/index.php` | Medium
|
||||
25 | File | `/items/view_item.php` | High
|
||||
26 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
27 | File | `/lookin/info` | Medium
|
||||
28 | File | `/manager/index.php` | High
|
||||
29 | File | `/medical/inventories.php` | High
|
||||
30 | File | `/modules/profile/index.php` | High
|
||||
31 | File | `/modules/projects/vw_files.php` | High
|
||||
32 | File | `/modules/public/calendar.php` | High
|
||||
33 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
34 | File | `/newsDia.php` | Medium
|
||||
35 | File | `/out.php` | Medium
|
||||
36 | File | `/php-opos/index.php` | High
|
||||
37 | File | `/proxy` | Low
|
||||
38 | File | `/public/launchNewWindow.jsp` | High
|
||||
39 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
40 | File | `/reports/rwservlet` | High
|
||||
41 | File | `/sacco_shield/manage_user.php` | High
|
||||
42 | File | `/spip.php` | Medium
|
||||
43 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
44 | File | `/staff/bookdetails.php` | High
|
||||
45 | File | `/uncpath/` | Medium
|
||||
46 | File | `/user/update_booking.php` | High
|
||||
47 | File | `/WEB-INF/web.xml` | High
|
||||
48 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
49 | File | `/wireless/security.asp` | High
|
||||
50 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
51 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
52 | File | `01article.php` | High
|
||||
53 | File | `AbstractScheduleJob.java` | High
|
||||
54 | File | `actionphp/download.File.php` | High
|
||||
55 | File | `activenews_view.asp` | High
|
||||
56 | File | `adclick.php` | Medium
|
||||
57 | File | `addtocart.asp` | High
|
||||
58 | File | `admin.php` | Medium
|
||||
59 | File | `admin/abc.php` | High
|
||||
60 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
61 | File | `admin/admin/adminsave.html` | High
|
||||
62 | File | `admin/conf_users_edit.php` | High
|
||||
63 | ... | ... | ...
|
||||
|
||||
There are 530 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 553 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_cr.netset
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_cr.netset
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
@ -0,0 +1,63 @@
|
|||
# CrimsonRAT - Cyber Threat Intelligence
|
||||
|
||||
These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [CrimsonRAT](https://vuldb.com/?actor.crimsonrat). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
|
||||
|
||||
_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.crimsonrat](https://vuldb.com/?actor.crimsonrat)
|
||||
|
||||
## Countries
|
||||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with CrimsonRAT:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of CrimsonRAT.
|
||||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [192.3.99.68](https://vuldb.com/?ip.192.3.99.68) | 192-3-99-68-host.colocrossing.com | - | High
|
||||
2 | [198.37.123.126](https://vuldb.com/?ip.198.37.123.126) | server902.vebhost.com | - | High
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _CrimsonRAT_. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
2 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
3 | T1068 | CWE-264 | Execution with Unnecessary Privileges | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 4 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by CrimsonRAT. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/forgetpassword.php` | High
|
||||
2 | File | `add_comment.php` | High
|
||||
3 | File | `ardguest.php` | Medium
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 19 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/Cisco-Talos/IOCs/blob/main/2022/07/transparent-tribe-targets-education.txt
|
||||
|
||||
## Literature
|
||||
|
||||
The following _articles_ explain our unique predictive cyber threat intelligence:
|
||||
|
||||
* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
|
||||
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
|
||||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
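Review bot: In the TTP table of this new file, row 1 pairs `T1059 | CWE-94` with the description "Cross Site Scripting", the same label row 2 gives to `T1059.007 | CWE-79, CWE-80`. CWE-94 is code injection, not XSS, so the description in row 1 looks carried over from the row below; something like `1 | T1059 | CWE-94 | Code Injection | High` would match the weakness column. The same pairing appears in the TTP context rows of two later hunks (`T1059 | CWE-88, CWE-94, CWE-1321` and `T1059 | CWE-94`), which suggests the label comes from the generator rather than from this file. Separately, the two IOC rows list addresses in shared hosting ranges (per the hostname column) with no observation date, so a first-seen/last-seen column would help consumers age these entries out of blocklists.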
|
|
@ -22,80 +22,102 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
3 | [2.58.48.0](https://vuldb.com/?ip.2.58.48.0) | start.softnet.si | - | High
|
||||
4 | [5.39.128.0](https://vuldb.com/?ip.5.39.128.0) | - | - | High
|
||||
5 | [5.43.160.0](https://vuldb.com/?ip.5.43.160.0) | 5-43-160-0.dsl.optinet.hr | - | High
|
||||
6 | [5.62.61.228](https://vuldb.com/?ip.5.62.61.228) | r-228-61-62-5.consumer-pool.prcdn.net | - | High
|
||||
7 | [5.62.63.224](https://vuldb.com/?ip.5.62.63.224) | r-224-63-62-5.consumer-pool.prcdn.net | - | High
|
||||
8 | [5.175.186.200](https://vuldb.com/?ip.5.175.186.200) | - | - | High
|
||||
9 | [5.180.216.0](https://vuldb.com/?ip.5.180.216.0) | - | - | High
|
||||
10 | [5.188.10.0](https://vuldb.com/?ip.5.188.10.0) | - | - | High
|
||||
11 | [5.231.9.0](https://vuldb.com/?ip.5.231.9.0) | - | - | High
|
||||
12 | [5.231.77.0](https://vuldb.com/?ip.5.231.77.0) | - | - | High
|
||||
13 | [8.39.6.0](https://vuldb.com/?ip.8.39.6.0) | - | - | High
|
||||
14 | [31.45.128.0](https://vuldb.com/?ip.31.45.128.0) | srv-31-45-128-0.static.a1.hr | - | High
|
||||
15 | [31.147.0.0](https://vuldb.com/?ip.31.147.0.0) | vipnet0.mobile.carnet.hr | - | High
|
||||
16 | [31.216.192.0](https://vuldb.com/?ip.31.216.192.0) | - | - | High
|
||||
17 | [31.217.0.0](https://vuldb.com/?ip.31.217.0.0) | - | - | High
|
||||
18 | [34.99.142.0](https://vuldb.com/?ip.34.99.142.0) | 0.142.99.34.bc.googleusercontent.com | - | Medium
|
||||
19 | [34.99.214.0](https://vuldb.com/?ip.34.99.214.0) | 0.214.99.34.bc.googleusercontent.com | - | Medium
|
||||
20 | [34.103.158.0](https://vuldb.com/?ip.34.103.158.0) | 0.158.103.34.bc.googleusercontent.com | - | Medium
|
||||
21 | [36.255.92.0](https://vuldb.com/?ip.36.255.92.0) | 36-255-92-0.cheapserviceswiki.com | - | High
|
||||
22 | [37.0.128.0](https://vuldb.com/?ip.37.0.128.0) | m37-0-128-0.cust.tele2.hr | - | High
|
||||
23 | [37.0.192.0](https://vuldb.com/?ip.37.0.192.0) | m37-0-192-0.cust.tele2.hr | - | High
|
||||
24 | [37.48.232.0](https://vuldb.com/?ip.37.48.232.0) | - | - | High
|
||||
25 | [37.60.128.0](https://vuldb.com/?ip.37.60.128.0) | - | - | High
|
||||
26 | [37.205.96.0](https://vuldb.com/?ip.37.205.96.0) | - | - | High
|
||||
27 | [37.244.128.0](https://vuldb.com/?ip.37.244.128.0) | srv-37-244-128-0.static.a1.hr | - | High
|
||||
28 | [43.113.227.0](https://vuldb.com/?ip.43.113.227.0) | - | - | High
|
||||
29 | [44.170.0.0](https://vuldb.com/?ip.44.170.0.0) | - | - | High
|
||||
30 | [45.12.70.99](https://vuldb.com/?ip.45.12.70.99) | inflects.yourbandinc.com | - | High
|
||||
31 | [45.12.71.99](https://vuldb.com/?ip.45.12.71.99) | - | - | High
|
||||
32 | [45.85.120.0](https://vuldb.com/?ip.45.85.120.0) | - | - | High
|
||||
33 | [45.87.24.0](https://vuldb.com/?ip.45.87.24.0) | - | - | High
|
||||
34 | [45.95.168.0](https://vuldb.com/?ip.45.95.168.0) | maxko-hosting.com | - | High
|
||||
35 | [45.136.188.0](https://vuldb.com/?ip.45.136.188.0) | - | - | High
|
||||
36 | [46.31.136.0](https://vuldb.com/?ip.46.31.136.0) | - | - | High
|
||||
37 | [46.163.0.0](https://vuldb.com/?ip.46.163.0.0) | - | - | High
|
||||
38 | [46.163.51.0](https://vuldb.com/?ip.46.163.51.0) | - | - | High
|
||||
39 | [46.163.53.0](https://vuldb.com/?ip.46.163.53.0) | - | - | High
|
||||
40 | [46.163.58.0](https://vuldb.com/?ip.46.163.58.0) | - | - | High
|
||||
41 | [46.174.136.0](https://vuldb.com/?ip.46.174.136.0) | - | - | High
|
||||
42 | [46.174.138.0](https://vuldb.com/?ip.46.174.138.0) | - | - | High
|
||||
43 | [46.188.128.0](https://vuldb.com/?ip.46.188.128.0) | - | - | High
|
||||
44 | [46.229.240.0](https://vuldb.com/?ip.46.229.240.0) | - | - | High
|
||||
45 | [46.229.248.0](https://vuldb.com/?ip.46.229.248.0) | - | - | High
|
||||
46 | [46.229.252.0](https://vuldb.com/?ip.46.229.252.0) | 46-229-252-0-dsl.novi-net.net | - | High
|
||||
47 | [46.234.64.0](https://vuldb.com/?ip.46.234.64.0) | - | - | High
|
||||
48 | [57.90.64.0](https://vuldb.com/?ip.57.90.64.0) | - | - | High
|
||||
49 | [63.170.203.144](https://vuldb.com/?ip.63.170.203.144) | - | - | High
|
||||
50 | [77.216.0.0](https://vuldb.com/?ip.77.216.0.0) | m77-216-0-0.cust.tele2.hr | - | High
|
||||
51 | [77.219.32.0](https://vuldb.com/?ip.77.219.32.0) | m77-219-32-0.cust.tele2.hr | - | High
|
||||
52 | [77.219.64.0](https://vuldb.com/?ip.77.219.64.0) | m77-219-64-0.cust.tele2.hr | - | High
|
||||
53 | [77.219.128.0](https://vuldb.com/?ip.77.219.128.0) | m77-219-128-0.cust.tele2.hr | - | High
|
||||
54 | [77.237.96.0](https://vuldb.com/?ip.77.237.96.0) | srv-77-237-96-0.static.a1.hr | - | High
|
||||
55 | [78.0.0.0](https://vuldb.com/?ip.78.0.0.0) | 78-0-0-0.adsl.net.t-com.hr | - | High
|
||||
56 | [78.134.128.0](https://vuldb.com/?ip.78.134.128.0) | 78.134.128.0-dsl.net.metronet.hr | - | High
|
||||
57 | [80.80.48.0](https://vuldb.com/?ip.80.80.48.0) | - | - | High
|
||||
58 | [80.253.162.0](https://vuldb.com/?ip.80.253.162.0) | - | - | High
|
||||
59 | [80.253.164.0](https://vuldb.com/?ip.80.253.164.0) | - | - | High
|
||||
60 | [80.253.168.0](https://vuldb.com/?ip.80.253.168.0) | - | - | High
|
||||
61 | [82.132.0.0](https://vuldb.com/?ip.82.132.0.0) | - | - | High
|
||||
62 | [82.193.192.0](https://vuldb.com/?ip.82.193.192.0) | - | - | High
|
||||
63 | [82.214.76.0](https://vuldb.com/?ip.82.214.76.0) | c82-214-76-0.loc.akton.net | - | High
|
||||
64 | [82.214.78.0](https://vuldb.com/?ip.82.214.78.0) | c82-214-78-0.loc.akton.net | - | High
|
||||
65 | [82.214.96.0](https://vuldb.com/?ip.82.214.96.0) | c82-214-96-0.loc.akton.net | - | High
|
||||
66 | [83.131.0.0](https://vuldb.com/?ip.83.131.0.0) | - | - | High
|
||||
67 | [83.139.64.0](https://vuldb.com/?ip.83.139.64.0) | - | - | High
|
||||
68 | [83.176.32.0](https://vuldb.com/?ip.83.176.32.0) | m83-176-32-0.cust.tele2.hr | - | High
|
||||
69 | [83.176.64.0](https://vuldb.com/?ip.83.176.64.0) | m83-176-64-0.cust.tele2.hr | - | High
|
||||
70 | [83.176.128.0](https://vuldb.com/?ip.83.176.128.0) | m83-176-128-0.cust.tele2.hr | - | High
|
||||
71 | [83.177.0.0](https://vuldb.com/?ip.83.177.0.0) | m83-177-0-0.cust.tele2.hr | - | High
|
||||
72 | [83.178.0.0](https://vuldb.com/?ip.83.178.0.0) | - | - | High
|
||||
73 | [83.178.104.0](https://vuldb.com/?ip.83.178.104.0) | m83-178-104-0.cust.tele2.hr | - | High
|
||||
74 | [83.178.112.0](https://vuldb.com/?ip.83.178.112.0) | m83-178-112-0.cust.tele2.hr | - | High
|
||||
75 | [83.178.234.0](https://vuldb.com/?ip.83.178.234.0) | m83-178-234-0.cust.tele2.hr | - | High
|
||||
76 | [83.178.236.0](https://vuldb.com/?ip.83.178.236.0) | m83-178-236-0.cust.tele2.hr | - | High
|
||||
77 | ... | ... | ... | ...
|
||||
6 | [5.59.36.0](https://vuldb.com/?ip.5.59.36.0) | - | - | High
|
||||
7 | [5.62.61.228](https://vuldb.com/?ip.5.62.61.228) | r-228-61-62-5.consumer-pool.prcdn.net | - | High
|
||||
8 | [5.62.63.224](https://vuldb.com/?ip.5.62.63.224) | r-224-63-62-5.consumer-pool.prcdn.net | - | High
|
||||
9 | [5.175.186.200](https://vuldb.com/?ip.5.175.186.200) | - | - | High
|
||||
10 | [5.180.216.0](https://vuldb.com/?ip.5.180.216.0) | - | - | High
|
||||
11 | [5.188.10.0](https://vuldb.com/?ip.5.188.10.0) | - | - | High
|
||||
12 | [5.231.9.0](https://vuldb.com/?ip.5.231.9.0) | - | - | High
|
||||
13 | [5.231.77.0](https://vuldb.com/?ip.5.231.77.0) | - | - | High
|
||||
14 | [8.39.6.0](https://vuldb.com/?ip.8.39.6.0) | - | - | High
|
||||
15 | [31.45.128.0](https://vuldb.com/?ip.31.45.128.0) | srv-31-45-128-0.static.a1.hr | - | High
|
||||
16 | [31.147.0.0](https://vuldb.com/?ip.31.147.0.0) | vipnet0.mobile.carnet.hr | - | High
|
||||
17 | [31.216.192.0](https://vuldb.com/?ip.31.216.192.0) | - | - | High
|
||||
18 | [31.217.0.0](https://vuldb.com/?ip.31.217.0.0) | - | - | High
|
||||
19 | [32.106.111.0](https://vuldb.com/?ip.32.106.111.0) | - | - | High
|
||||
20 | [32.106.112.0](https://vuldb.com/?ip.32.106.112.0) | - | - | High
|
||||
21 | [34.99.142.0](https://vuldb.com/?ip.34.99.142.0) | 0.142.99.34.bc.googleusercontent.com | - | Medium
|
||||
22 | [34.99.214.0](https://vuldb.com/?ip.34.99.214.0) | 0.214.99.34.bc.googleusercontent.com | - | Medium
|
||||
23 | [34.103.158.0](https://vuldb.com/?ip.34.103.158.0) | 0.158.103.34.bc.googleusercontent.com | - | Medium
|
||||
24 | [34.103.224.0](https://vuldb.com/?ip.34.103.224.0) | 0.224.103.34.bc.googleusercontent.com | - | Medium
|
||||
25 | [36.255.92.0](https://vuldb.com/?ip.36.255.92.0) | 36-255-92-0.cheapserviceswiki.com | - | High
|
||||
26 | [37.0.128.0](https://vuldb.com/?ip.37.0.128.0) | m37-0-128-0.cust.tele2.hr | - | High
|
||||
27 | [37.0.192.0](https://vuldb.com/?ip.37.0.192.0) | m37-0-192-0.cust.tele2.hr | - | High
|
||||
28 | [37.48.232.0](https://vuldb.com/?ip.37.48.232.0) | - | - | High
|
||||
29 | [37.58.20.0](https://vuldb.com/?ip.37.58.20.0) | - | - | High
|
||||
30 | [37.60.128.0](https://vuldb.com/?ip.37.60.128.0) | - | - | High
|
||||
31 | [37.205.96.0](https://vuldb.com/?ip.37.205.96.0) | - | - | High
|
||||
32 | [37.244.128.0](https://vuldb.com/?ip.37.244.128.0) | srv-37-244-128-0.static.a1.hr | - | High
|
||||
33 | [43.113.227.0](https://vuldb.com/?ip.43.113.227.0) | - | - | High
|
||||
34 | [44.170.0.0](https://vuldb.com/?ip.44.170.0.0) | - | - | High
|
||||
35 | [45.12.70.99](https://vuldb.com/?ip.45.12.70.99) | inflects.yourbandinc.com | - | High
|
||||
36 | [45.12.71.99](https://vuldb.com/?ip.45.12.71.99) | - | - | High
|
||||
37 | [45.85.120.0](https://vuldb.com/?ip.45.85.120.0) | - | - | High
|
||||
38 | [45.87.24.0](https://vuldb.com/?ip.45.87.24.0) | - | - | High
|
||||
39 | [45.95.168.0](https://vuldb.com/?ip.45.95.168.0) | maxko-hosting.com | - | High
|
||||
40 | [45.136.188.0](https://vuldb.com/?ip.45.136.188.0) | - | - | High
|
||||
41 | [45.137.248.0](https://vuldb.com/?ip.45.137.248.0) | 0.248.137.45.in-addr.arpa.broadband.mtnet.hr | - | High
|
||||
42 | [45.142.8.0](https://vuldb.com/?ip.45.142.8.0) | - | - | High
|
||||
43 | [45.143.216.0](https://vuldb.com/?ip.45.143.216.0) | 45-143-216-0.broadband.mtnet.hr | - | High
|
||||
44 | [45.157.4.0](https://vuldb.com/?ip.45.157.4.0) | - | - | High
|
||||
45 | [46.31.136.0](https://vuldb.com/?ip.46.31.136.0) | - | - | High
|
||||
46 | [46.163.0.0](https://vuldb.com/?ip.46.163.0.0) | - | - | High
|
||||
47 | [46.163.51.0](https://vuldb.com/?ip.46.163.51.0) | - | - | High
|
||||
48 | [46.163.53.0](https://vuldb.com/?ip.46.163.53.0) | - | - | High
|
||||
49 | [46.163.58.0](https://vuldb.com/?ip.46.163.58.0) | - | - | High
|
||||
50 | [46.174.136.0](https://vuldb.com/?ip.46.174.136.0) | - | - | High
|
||||
51 | [46.174.138.0](https://vuldb.com/?ip.46.174.138.0) | - | - | High
|
||||
52 | [46.183.184.0](https://vuldb.com/?ip.46.183.184.0) | - | - | High
|
||||
53 | [46.188.128.0](https://vuldb.com/?ip.46.188.128.0) | - | - | High
|
||||
54 | [46.229.240.0](https://vuldb.com/?ip.46.229.240.0) | - | - | High
|
||||
55 | [46.229.248.0](https://vuldb.com/?ip.46.229.248.0) | - | - | High
|
||||
56 | [46.229.252.0](https://vuldb.com/?ip.46.229.252.0) | 46-229-252-0-dsl.novi-net.net | - | High
|
||||
57 | [46.234.64.0](https://vuldb.com/?ip.46.234.64.0) | - | - | High
|
||||
58 | [57.90.64.0](https://vuldb.com/?ip.57.90.64.0) | - | - | High
|
||||
59 | [57.90.68.0](https://vuldb.com/?ip.57.90.68.0) | - | - | High
|
||||
60 | [63.170.203.144](https://vuldb.com/?ip.63.170.203.144) | - | - | High
|
||||
61 | [66.159.222.0](https://vuldb.com/?ip.66.159.222.0) | - | - | High
|
||||
62 | [77.216.0.0](https://vuldb.com/?ip.77.216.0.0) | m77-216-0-0.cust.tele2.hr | - | High
|
||||
63 | [77.218.9.0](https://vuldb.com/?ip.77.218.9.0) | - | - | High
|
||||
64 | [77.218.10.0](https://vuldb.com/?ip.77.218.10.0) | - | - | High
|
||||
65 | [77.219.32.0](https://vuldb.com/?ip.77.219.32.0) | m77-219-32-0.cust.tele2.hr | - | High
|
||||
66 | [77.219.64.0](https://vuldb.com/?ip.77.219.64.0) | m77-219-64-0.cust.tele2.hr | - | High
|
||||
67 | [77.219.128.0](https://vuldb.com/?ip.77.219.128.0) | m77-219-128-0.cust.tele2.hr | - | High
|
||||
68 | [77.237.96.0](https://vuldb.com/?ip.77.237.96.0) | srv-77-237-96-0.static.a1.hr | - | High
|
||||
69 | [78.0.0.0](https://vuldb.com/?ip.78.0.0.0) | 78-0-0-0.adsl.net.t-com.hr | - | High
|
||||
70 | [78.134.128.0](https://vuldb.com/?ip.78.134.128.0) | 78.134.128.0-dsl.net.metronet.hr | - | High
|
||||
71 | [80.80.48.0](https://vuldb.com/?ip.80.80.48.0) | - | - | High
|
||||
72 | [80.249.133.0](https://vuldb.com/?ip.80.249.133.0) | - | - | High
|
||||
73 | [80.253.160.0](https://vuldb.com/?ip.80.253.160.0) | - | - | High
|
||||
74 | [80.253.162.0](https://vuldb.com/?ip.80.253.162.0) | - | - | High
|
||||
75 | [80.253.164.0](https://vuldb.com/?ip.80.253.164.0) | - | - | High
|
||||
76 | [80.253.168.0](https://vuldb.com/?ip.80.253.168.0) | - | - | High
|
||||
77 | [81.17.228.0](https://vuldb.com/?ip.81.17.228.0) | n228-h0.loc-b.akton.net | - | High
|
||||
78 | [81.23.248.0](https://vuldb.com/?ip.81.23.248.0) | - | - | High
|
||||
79 | [82.132.0.0](https://vuldb.com/?ip.82.132.0.0) | - | - | High
|
||||
80 | [82.193.192.0](https://vuldb.com/?ip.82.193.192.0) | - | - | High
|
||||
81 | [82.214.76.0](https://vuldb.com/?ip.82.214.76.0) | c82-214-76-0.loc.akton.net | - | High
|
||||
82 | [82.214.78.0](https://vuldb.com/?ip.82.214.78.0) | c82-214-78-0.loc.akton.net | - | High
|
||||
83 | [82.214.96.0](https://vuldb.com/?ip.82.214.96.0) | c82-214-96-0.loc.akton.net | - | High
|
||||
84 | [83.131.0.0](https://vuldb.com/?ip.83.131.0.0) | - | - | High
|
||||
85 | [83.139.64.0](https://vuldb.com/?ip.83.139.64.0) | - | - | High
|
||||
86 | [83.176.32.0](https://vuldb.com/?ip.83.176.32.0) | m83-176-32-0.cust.tele2.hr | - | High
|
||||
87 | [83.176.64.0](https://vuldb.com/?ip.83.176.64.0) | m83-176-64-0.cust.tele2.hr | - | High
|
||||
88 | [83.176.128.0](https://vuldb.com/?ip.83.176.128.0) | m83-176-128-0.cust.tele2.hr | - | High
|
||||
89 | [83.177.0.0](https://vuldb.com/?ip.83.177.0.0) | m83-177-0-0.cust.tele2.hr | - | High
|
||||
90 | [83.178.0.0](https://vuldb.com/?ip.83.178.0.0) | - | - | High
|
||||
91 | [83.178.104.0](https://vuldb.com/?ip.83.178.104.0) | m83-178-104-0.cust.tele2.hr | - | High
|
||||
92 | [83.178.112.0](https://vuldb.com/?ip.83.178.112.0) | m83-178-112-0.cust.tele2.hr | - | High
|
||||
93 | [83.178.234.0](https://vuldb.com/?ip.83.178.234.0) | m83-178-234-0.cust.tele2.hr | - | High
|
||||
94 | [83.178.236.0](https://vuldb.com/?ip.83.178.236.0) | m83-178-236-0.cust.tele2.hr | - | High
|
||||
95 | [83.178.240.0](https://vuldb.com/?ip.83.178.240.0) | m83-178-240-0.cust.tele2.hr | - | High
|
||||
96 | [83.179.192.0](https://vuldb.com/?ip.83.179.192.0) | m83-179-192-0.cust.tele2.hr | - | High
|
||||
97 | [83.180.32.0](https://vuldb.com/?ip.83.180.32.0) | m83-180-32-0.cust.tele2.hr | - | High
|
||||
98 | [83.180.64.0](https://vuldb.com/?ip.83.180.64.0) | m83-180-64-0.cust.tele2.hr | - | High
|
||||
99 | ... | ... | ... | ...
|
||||
|
||||
There are 306 more IOC items available. Please use our online service to access the data.
|
||||
There are 391 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -111,6 +133,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_hr.netset
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_hr.netset
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
@ -4,6 +4,12 @@ These _indicators_ were reported, collected, and generated during the [VulDB CTI
|
|||
|
||||
_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.crywiper](https://vuldb.com/?actor.crywiper)
|
||||
|
||||
## Countries
|
||||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with CryWiper:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of CryWiper.
|
||||
|
|
|
@ -54,11 +54,12 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/mics/j_spring_security_check` | High
|
||||
2 | File | `examples/openid.php` | High
|
||||
3 | File | `FormDisplay.php` | High
|
||||
4 | ... | ... | ...
|
||||
2 | File | `/user/s.php` | Medium
|
||||
3 | File | `add-locker-form.php` | High
|
||||
4 | File | `admin/booking_report.php` | High
|
||||
5 | ... | ... | ...
|
||||
|
||||
There are 12 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 27 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Cuba Ransomware:
|
||||
|
||||
* [VN](https://vuldb.com/?country.vn)
|
||||
* [CH](https://vuldb.com/?country.ch)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CH](https://vuldb.com/?country.ch)
|
||||
* ...
|
||||
|
||||
There are 7 more country items available. Please use our online service to access the data.
|
||||
There are 6 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -46,14 +46,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -63,47 +63,45 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
2 | File | `/admin/ajax.php?action=delete_window` | High
|
||||
3 | File | `/admin/api/admin/articles/` | High
|
||||
4 | File | `/admin/api/theme-edit/` | High
|
||||
5 | File | `/as/authorization.oauth2` | High
|
||||
6 | File | `/blogengine/api/posts` | High
|
||||
7 | File | `/cgi-bin/luci/api/auth` | High
|
||||
8 | File | `/cgi-bin/nobody/VerifyCode.cgi` | High
|
||||
9 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
3 | File | `/admin/patient.php` | High
|
||||
4 | File | `/as/authorization.oauth2` | High
|
||||
5 | File | `/blogengine/api/posts` | High
|
||||
6 | File | `/cgi-bin/luci/api/auth` | High
|
||||
7 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
8 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
9 | File | `/DXR.axd` | Medium
|
||||
10 | File | `/event/admin/?page=user/list` | High
|
||||
11 | File | `/forum/away.php` | High
|
||||
12 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
13 | File | `/goform/SysToolChangePwd` | High
|
||||
14 | File | `/goform/WifiBasicSet` | High
|
||||
15 | File | `/index/user/user_edit.html` | High
|
||||
16 | File | `/login/index.php` | High
|
||||
17 | File | `/obs/book.php` | High
|
||||
18 | File | `/products/view_product.php` | High
|
||||
19 | File | `/proxy` | Low
|
||||
20 | File | `/public/login.htm` | High
|
||||
11 | File | `/filemanager/php/connector.php` | High
|
||||
12 | File | `/forum/away.php` | High
|
||||
13 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
14 | File | `/index/user/user_edit.html` | High
|
||||
15 | File | `/login/index.php` | High
|
||||
16 | File | `/modules/projects/vw_files.php` | High
|
||||
17 | File | `/products/view_product.php` | High
|
||||
18 | File | `/proxy` | Low
|
||||
19 | File | `/public/login.htm` | High
|
||||
20 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
21 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
22 | File | `/shell` | Low
|
||||
23 | File | `/spip.php` | Medium
|
||||
24 | File | `/uncpath/` | Medium
|
||||
25 | File | `/usr/bin/tddp` | High
|
||||
26 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
27 | File | `/wp-admin/admin-ajax.php` | High
|
||||
28 | File | `/wp-admin/options.php` | High
|
||||
29 | File | `/wp-json/wc/v3/webhooks` | High
|
||||
30 | File | `/_vti_pvt/access.cnf` | High
|
||||
31 | File | `1.x/src/rogatkin/web/WarRoller.java` | High
|
||||
32 | File | `actions/UploadAction.php` | High
|
||||
33 | File | `adclick.php` | Medium
|
||||
34 | File | `add_contestant.php` | High
|
||||
35 | File | `admin/import/class-import-settings.php` | High
|
||||
36 | File | `admin/manage_user.php` | High
|
||||
37 | File | `admin/page-login.php` | High
|
||||
38 | File | `admin/panels/uploader/admin.uploader.php` | High
|
||||
39 | File | `admin/practice_pdf.php` | High
|
||||
40 | File | `admin/template/js/uploadify/uploadify.swf` | High
|
||||
41 | ... | ... | ...
|
||||
24 | File | `/usr/bin/tddp` | High
|
||||
25 | File | `/wp-admin/admin-ajax.php` | High
|
||||
26 | File | `/wp-admin/options.php` | High
|
||||
27 | File | `/wp-json/wc/v3/webhooks` | High
|
||||
28 | File | `adclick.php` | Medium
|
||||
29 | File | `add_contestant.php` | High
|
||||
30 | File | `admin.php` | Medium
|
||||
31 | File | `admin/conf_users_edit.php` | High
|
||||
32 | File | `admin/import/class-import-settings.php` | High
|
||||
33 | File | `admin/manage_user.php` | High
|
||||
34 | File | `admin/page-login.php` | High
|
||||
35 | File | `admin/practice_pdf.php` | High
|
||||
36 | File | `admin/template/js/uploadify/uploadify.swf` | High
|
||||
37 | File | `administrator/components/com_joomgallery/views/config/tmpl/default.php` | High
|
||||
38 | File | `affich.php` | Medium
|
||||
39 | ... | ... | ...
|
||||
|
||||
There are 356 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 337 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -26,11 +26,11 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
3 | [5.101.221.128](https://vuldb.com/?ip.5.101.221.128) | - | - | High
|
||||
4 | [45.12.70.51](https://vuldb.com/?ip.45.12.70.51) | appropriate.get-eye.com | - | High
|
||||
5 | [45.12.71.51](https://vuldb.com/?ip.45.12.71.51) | - | - | High
|
||||
6 | [57.91.32.0](https://vuldb.com/?ip.57.91.32.0) | - | - | High
|
||||
7 | [94.46.63.195](https://vuldb.com/?ip.94.46.63.195) | 94-46-63-195.client.hostsrecord.com | - | High
|
||||
6 | [57.74.110.0](https://vuldb.com/?ip.57.74.110.0) | - | - | High
|
||||
7 | [57.91.32.0](https://vuldb.com/?ip.57.91.32.0) | - | - | High
|
||||
8 | ... | ... | ... | ...
|
||||
|
||||
There are 26 more IOC items available. Please use our online service to access the data.
|
||||
There are 27 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -97,24 +97,25 @@ ID | Type | Indicator | Confidence
|
|||
43 | File | `admin/param/param_func.inc.php` | High
|
||||
44 | File | `admin/y_admin.asp` | High
|
||||
45 | File | `adminer.php` | Medium
|
||||
46 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
47 | File | `admin_ok.asp` | Medium
|
||||
48 | File | `app/Core/Paginator.php` | High
|
||||
49 | File | `app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1` | High
|
||||
50 | File | `artlinks.dispnew.php` | High
|
||||
51 | File | `auth.php` | Medium
|
||||
52 | File | `auth_changepassword.php` | High
|
||||
53 | File | `bin/named/query.c` | High
|
||||
54 | File | `blank.php` | Medium
|
||||
46 | File | `administration/admins.php` | High
|
||||
47 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
48 | File | `admin_ok.asp` | Medium
|
||||
49 | File | `app/Core/Paginator.php` | High
|
||||
50 | File | `app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1` | High
|
||||
51 | File | `artlinks.dispnew.php` | High
|
||||
52 | File | `auth.php` | Medium
|
||||
53 | File | `auth_changepassword.php` | High
|
||||
54 | File | `bin/named/query.c` | High
|
||||
55 | ... | ... | ...
|
||||
|
||||
There are 480 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 481 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_cu.netset
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_cu.netset
|
||||
|
||||
## Literature
|
||||
|
||||
|
|
|
@ -34,7 +34,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
@ -55,7 +55,7 @@ ID | Type | Indicator | Confidence
|
|||
6 | File | `/usr/local/WowzaStreamingEngine/bin/` | High
|
||||
7 | ... | ... | ...
|
||||
|
||||
There are 46 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 49 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 21 more country items available. Please use our online service to access the data.
|
||||
There are 23 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -21,79 +21,109 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
|
|||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [2.59.168.0](https://vuldb.com/?ip.2.59.168.0) | - | - | High
|
||||
2 | [5.62.60.108](https://vuldb.com/?ip.5.62.60.108) | r-108-60-62-5.consumer-pool.prcdn.net | - | High
|
||||
3 | [5.62.62.104](https://vuldb.com/?ip.5.62.62.104) | r-104-62-62-5.consumer-pool.prcdn.net | - | High
|
||||
4 | [5.101.221.0](https://vuldb.com/?ip.5.101.221.0) | subnet.gcore.lu | - | High
|
||||
5 | [5.253.84.0](https://vuldb.com/?ip.5.253.84.0) | - | - | High
|
||||
6 | [5.253.86.0](https://vuldb.com/?ip.5.253.86.0) | - | - | High
|
||||
7 | [31.22.88.0](https://vuldb.com/?ip.31.22.88.0) | - | - | High
|
||||
8 | [31.153.0.0](https://vuldb.com/?ip.31.153.0.0) | - | - | High
|
||||
9 | [31.209.96.1](https://vuldb.com/?ip.31.209.96.1) | - | - | High
|
||||
10 | [31.209.96.2](https://vuldb.com/?ip.31.209.96.2) | - | - | High
|
||||
11 | [31.209.96.4](https://vuldb.com/?ip.31.209.96.4) | - | - | High
|
||||
12 | [31.209.96.8](https://vuldb.com/?ip.31.209.96.8) | - | - | High
|
||||
13 | [31.209.96.16](https://vuldb.com/?ip.31.209.96.16) | - | - | High
|
||||
14 | [31.209.96.32](https://vuldb.com/?ip.31.209.96.32) | - | - | High
|
||||
15 | [31.209.96.64](https://vuldb.com/?ip.31.209.96.64) | - | - | High
|
||||
16 | [31.209.96.128](https://vuldb.com/?ip.31.209.96.128) | - | - | High
|
||||
17 | [31.209.97.0](https://vuldb.com/?ip.31.209.97.0) | - | - | High
|
||||
18 | [31.209.98.0](https://vuldb.com/?ip.31.209.98.0) | - | - | High
|
||||
19 | [31.209.100.1](https://vuldb.com/?ip.31.209.100.1) | - | - | High
|
||||
20 | [31.209.100.2](https://vuldb.com/?ip.31.209.100.2) | - | - | High
|
||||
21 | [31.209.100.4](https://vuldb.com/?ip.31.209.100.4) | - | - | High
|
||||
22 | [31.209.100.8](https://vuldb.com/?ip.31.209.100.8) | - | - | High
|
||||
23 | [31.209.100.16](https://vuldb.com/?ip.31.209.100.16) | - | - | High
|
||||
24 | [31.209.100.32](https://vuldb.com/?ip.31.209.100.32) | - | - | High
|
||||
25 | [31.209.100.64](https://vuldb.com/?ip.31.209.100.64) | - | - | High
|
||||
26 | [31.209.100.128](https://vuldb.com/?ip.31.209.100.128) | - | - | High
|
||||
27 | [31.209.101.0](https://vuldb.com/?ip.31.209.101.0) | - | - | High
|
||||
28 | [31.209.102.0](https://vuldb.com/?ip.31.209.102.0) | - | - | High
|
||||
29 | [31.209.104.1](https://vuldb.com/?ip.31.209.104.1) | - | - | High
|
||||
30 | [31.209.104.2](https://vuldb.com/?ip.31.209.104.2) | - | - | High
|
||||
31 | [31.209.104.4](https://vuldb.com/?ip.31.209.104.4) | - | - | High
|
||||
32 | [31.209.104.8](https://vuldb.com/?ip.31.209.104.8) | - | - | High
|
||||
33 | [31.209.104.16](https://vuldb.com/?ip.31.209.104.16) | - | - | High
|
||||
34 | [31.209.104.32](https://vuldb.com/?ip.31.209.104.32) | - | - | High
|
||||
35 | [31.209.104.64](https://vuldb.com/?ip.31.209.104.64) | - | - | High
|
||||
36 | [31.209.104.128](https://vuldb.com/?ip.31.209.104.128) | - | - | High
|
||||
37 | [31.209.105.0](https://vuldb.com/?ip.31.209.105.0) | - | - | High
|
||||
38 | [31.209.106.0](https://vuldb.com/?ip.31.209.106.0) | - | - | High
|
||||
39 | [31.209.108.0](https://vuldb.com/?ip.31.209.108.0) | - | - | High
|
||||
40 | [31.216.64.0](https://vuldb.com/?ip.31.216.64.0) | - | - | High
|
||||
41 | [37.9.176.0](https://vuldb.com/?ip.37.9.176.0) | - | - | High
|
||||
42 | [37.34.3.18](https://vuldb.com/?ip.37.34.3.18) | - | - | High
|
||||
43 | [37.34.18.208](https://vuldb.com/?ip.37.34.18.208) | - | - | High
|
||||
44 | [37.149.0.0](https://vuldb.com/?ip.37.149.0.0) | - | - | High
|
||||
45 | [37.218.192.0](https://vuldb.com/?ip.37.218.192.0) | - | - | High
|
||||
46 | [45.12.70.55](https://vuldb.com/?ip.45.12.70.55) | boot-syslog.get-eye.com | - | High
|
||||
47 | [45.12.71.55](https://vuldb.com/?ip.45.12.71.55) | - | - | High
|
||||
48 | [45.132.68.0](https://vuldb.com/?ip.45.132.68.0) | - | - | High
|
||||
49 | [45.132.132.0](https://vuldb.com/?ip.45.132.132.0) | - | - | High
|
||||
50 | [45.136.8.0](https://vuldb.com/?ip.45.136.8.0) | - | - | High
|
||||
51 | [45.142.200.0](https://vuldb.com/?ip.45.142.200.0) | - | - | High
|
||||
52 | [46.16.136.0](https://vuldb.com/?ip.46.16.136.0) | - | - | High
|
||||
53 | [46.21.48.0](https://vuldb.com/?ip.46.21.48.0) | - | - | High
|
||||
54 | [46.28.176.0](https://vuldb.com/?ip.46.28.176.0) | - | - | High
|
||||
55 | [46.31.64.0](https://vuldb.com/?ip.46.31.64.0) | - | - | High
|
||||
56 | [46.31.66.0](https://vuldb.com/?ip.46.31.66.0) | - | - | High
|
||||
57 | [46.31.70.0](https://vuldb.com/?ip.46.31.70.0) | - | - | High
|
||||
58 | [46.198.0.0](https://vuldb.com/?ip.46.198.0.0) | - | - | High
|
||||
59 | [46.199.0.0](https://vuldb.com/?ip.46.199.0.0) | - | - | High
|
||||
60 | [46.251.96.0](https://vuldb.com/?ip.46.251.96.0) | - | - | High
|
||||
61 | [46.255.120.0](https://vuldb.com/?ip.46.255.120.0) | - | - | High
|
||||
62 | [62.12.64.0](https://vuldb.com/?ip.62.12.64.0) | - | - | High
|
||||
63 | [62.152.0.0](https://vuldb.com/?ip.62.152.0.0) | - | - | High
|
||||
64 | [62.228.0.0](https://vuldb.com/?ip.62.228.0.0) | - | - | High
|
||||
65 | [65.18.208.0](https://vuldb.com/?ip.65.18.208.0) | - | - | High
|
||||
66 | [66.205.64.0](https://vuldb.com/?ip.66.205.64.0) | - | - | High
|
||||
67 | [69.6.0.0](https://vuldb.com/?ip.69.6.0.0) | - | - | High
|
||||
68 | [69.94.112.0](https://vuldb.com/?ip.69.94.112.0) | - | - | High
|
||||
69 | [77.73.113.0](https://vuldb.com/?ip.77.73.113.0) | - | - | High
|
||||
70 | [77.74.56.0](https://vuldb.com/?ip.77.74.56.0) | c-77-74-56-0.customer.ggaweb.ch | - | High
|
||||
71 | ... | ... | ... | ...
|
||||
1 | [2.59.117.0](https://vuldb.com/?ip.2.59.117.0) | ptr.poyrazhosting.com.tr | - | High
|
||||
2 | [2.59.168.0](https://vuldb.com/?ip.2.59.168.0) | - | - | High
|
||||
3 | [2.109.72.0](https://vuldb.com/?ip.2.109.72.0) | - | - | High
|
||||
4 | [2.109.74.0](https://vuldb.com/?ip.2.109.74.0) | - | - | High
|
||||
5 | [5.8.18.0](https://vuldb.com/?ip.5.8.18.0) | - | - | High
|
||||
6 | [5.62.60.108](https://vuldb.com/?ip.5.62.60.108) | r-108-60-62-5.consumer-pool.prcdn.net | - | High
|
||||
7 | [5.62.62.104](https://vuldb.com/?ip.5.62.62.104) | r-104-62-62-5.consumer-pool.prcdn.net | - | High
|
||||
8 | [5.101.221.0](https://vuldb.com/?ip.5.101.221.0) | subnet.gcore.lu | - | High
|
||||
9 | [5.188.86.0](https://vuldb.com/?ip.5.188.86.0) | - | - | High
|
||||
10 | [5.253.84.0](https://vuldb.com/?ip.5.253.84.0) | - | - | High
|
||||
11 | [5.253.86.0](https://vuldb.com/?ip.5.253.86.0) | - | - | High
|
||||
12 | [31.22.88.0](https://vuldb.com/?ip.31.22.88.0) | - | - | High
|
||||
13 | [31.22.92.0](https://vuldb.com/?ip.31.22.92.0) | - | - | High
|
||||
14 | [31.25.228.0](https://vuldb.com/?ip.31.25.228.0) | - | - | High
|
||||
15 | [31.25.230.0](https://vuldb.com/?ip.31.25.230.0) | - | - | High
|
||||
16 | [31.153.0.0](https://vuldb.com/?ip.31.153.0.0) | - | - | High
|
||||
17 | [31.153.128.0](https://vuldb.com/?ip.31.153.128.0) | - | - | High
|
||||
18 | [31.153.192.0](https://vuldb.com/?ip.31.153.192.0) | - | - | High
|
||||
19 | [31.153.209.0](https://vuldb.com/?ip.31.153.209.0) | - | - | High
|
||||
20 | [31.153.210.0](https://vuldb.com/?ip.31.153.210.0) | - | - | High
|
||||
21 | [31.153.212.0](https://vuldb.com/?ip.31.153.212.0) | - | - | High
|
||||
22 | [31.153.216.0](https://vuldb.com/?ip.31.153.216.0) | - | - | High
|
||||
23 | [31.153.224.0](https://vuldb.com/?ip.31.153.224.0) | - | - | High
|
||||
24 | [31.209.96.0](https://vuldb.com/?ip.31.209.96.0) | - | - | High
|
||||
25 | [31.209.96.1](https://vuldb.com/?ip.31.209.96.1) | - | - | High
|
||||
26 | [31.209.96.2](https://vuldb.com/?ip.31.209.96.2) | - | - | High
|
||||
27 | [31.209.96.4](https://vuldb.com/?ip.31.209.96.4) | - | - | High
|
||||
28 | [31.209.96.8](https://vuldb.com/?ip.31.209.96.8) | - | - | High
|
||||
29 | [31.209.96.16](https://vuldb.com/?ip.31.209.96.16) | - | - | High
|
||||
30 | [31.209.96.32](https://vuldb.com/?ip.31.209.96.32) | - | - | High
|
||||
31 | [31.209.96.64](https://vuldb.com/?ip.31.209.96.64) | - | - | High
|
||||
32 | [31.209.96.128](https://vuldb.com/?ip.31.209.96.128) | - | - | High
|
||||
33 | [31.209.97.0](https://vuldb.com/?ip.31.209.97.0) | - | - | High
|
||||
34 | [31.209.98.0](https://vuldb.com/?ip.31.209.98.0) | - | - | High
|
||||
35 | [31.209.100.1](https://vuldb.com/?ip.31.209.100.1) | - | - | High
|
||||
36 | [31.209.100.2](https://vuldb.com/?ip.31.209.100.2) | - | - | High
|
||||
37 | [31.209.100.4](https://vuldb.com/?ip.31.209.100.4) | - | - | High
|
||||
38 | [31.209.100.8](https://vuldb.com/?ip.31.209.100.8) | - | - | High
|
||||
39 | [31.209.100.16](https://vuldb.com/?ip.31.209.100.16) | - | - | High
|
||||
40 | [31.209.100.32](https://vuldb.com/?ip.31.209.100.32) | - | - | High
|
||||
41 | [31.209.100.64](https://vuldb.com/?ip.31.209.100.64) | - | - | High
|
||||
42 | [31.209.100.128](https://vuldb.com/?ip.31.209.100.128) | - | - | High
|
||||
43 | [31.209.101.0](https://vuldb.com/?ip.31.209.101.0) | - | - | High
|
||||
44 | [31.209.102.0](https://vuldb.com/?ip.31.209.102.0) | - | - | High
|
||||
45 | [31.209.104.1](https://vuldb.com/?ip.31.209.104.1) | - | - | High
|
||||
46 | [31.209.104.2](https://vuldb.com/?ip.31.209.104.2) | - | - | High
|
||||
47 | [31.209.104.4](https://vuldb.com/?ip.31.209.104.4) | - | - | High
|
||||
48 | [31.209.104.8](https://vuldb.com/?ip.31.209.104.8) | - | - | High
|
||||
49 | [31.209.104.16](https://vuldb.com/?ip.31.209.104.16) | - | - | High
|
||||
50 | [31.209.104.32](https://vuldb.com/?ip.31.209.104.32) | - | - | High
|
||||
51 | [31.209.104.64](https://vuldb.com/?ip.31.209.104.64) | - | - | High
|
||||
52 | [31.209.104.128](https://vuldb.com/?ip.31.209.104.128) | - | - | High
|
||||
53 | [31.209.105.0](https://vuldb.com/?ip.31.209.105.0) | - | - | High
|
||||
54 | [31.209.106.0](https://vuldb.com/?ip.31.209.106.0) | - | - | High
|
||||
55 | [31.209.108.0](https://vuldb.com/?ip.31.209.108.0) | - | - | High
|
||||
56 | [31.216.64.0](https://vuldb.com/?ip.31.216.64.0) | - | - | High
|
||||
57 | [37.9.176.0](https://vuldb.com/?ip.37.9.176.0) | - | - | High
|
||||
58 | [37.9.178.0](https://vuldb.com/?ip.37.9.178.0) | - | - | High
|
||||
59 | [37.9.181.0](https://vuldb.com/?ip.37.9.181.0) | - | - | High
|
||||
60 | [37.9.182.0](https://vuldb.com/?ip.37.9.182.0) | - | - | High
|
||||
61 | [37.34.3.18](https://vuldb.com/?ip.37.34.3.18) | - | - | High
|
||||
62 | [37.34.18.208](https://vuldb.com/?ip.37.34.18.208) | - | - | High
|
||||
63 | [37.149.0.0](https://vuldb.com/?ip.37.149.0.0) | - | - | High
|
||||
64 | [37.152.75.0](https://vuldb.com/?ip.37.152.75.0) | - | - | High
|
||||
65 | [37.218.192.0](https://vuldb.com/?ip.37.218.192.0) | - | - | High
|
||||
66 | [37.218.200.0](https://vuldb.com/?ip.37.218.200.0) | - | - | High
|
||||
67 | [38.73.228.0](https://vuldb.com/?ip.38.73.228.0) | - | - | High
|
||||
68 | [38.134.113.0](https://vuldb.com/?ip.38.134.113.0) | - | - | High
|
||||
69 | [45.12.70.55](https://vuldb.com/?ip.45.12.70.55) | boot-syslog.get-eye.com | - | High
|
||||
70 | [45.12.71.55](https://vuldb.com/?ip.45.12.71.55) | - | - | High
|
||||
71 | [45.84.59.0](https://vuldb.com/?ip.45.84.59.0) | - | - | High
|
||||
72 | [45.89.23.0](https://vuldb.com/?ip.45.89.23.0) | - | - | High
|
||||
73 | [45.130.120.0](https://vuldb.com/?ip.45.130.120.0) | - | - | High
|
||||
74 | [45.132.68.0](https://vuldb.com/?ip.45.132.68.0) | - | - | High
|
||||
75 | [45.132.132.0](https://vuldb.com/?ip.45.132.132.0) | - | - | High
|
||||
76 | [45.136.8.0](https://vuldb.com/?ip.45.136.8.0) | - | - | High
|
||||
77 | [45.142.200.0](https://vuldb.com/?ip.45.142.200.0) | - | - | High
|
||||
78 | [46.16.136.0](https://vuldb.com/?ip.46.16.136.0) | - | - | High
|
||||
79 | [46.21.48.0](https://vuldb.com/?ip.46.21.48.0) | - | - | High
|
||||
80 | [46.28.176.0](https://vuldb.com/?ip.46.28.176.0) | - | - | High
|
||||
81 | [46.31.64.0](https://vuldb.com/?ip.46.31.64.0) | - | - | High
|
||||
82 | [46.31.66.0](https://vuldb.com/?ip.46.31.66.0) | - | - | High
|
||||
83 | [46.31.70.0](https://vuldb.com/?ip.46.31.70.0) | - | - | High
|
||||
84 | [46.106.200.0](https://vuldb.com/?ip.46.106.200.0) | - | - | High
|
||||
85 | [46.198.0.0](https://vuldb.com/?ip.46.198.0.0) | - | - | High
|
||||
86 | [46.199.0.0](https://vuldb.com/?ip.46.199.0.0) | - | - | High
|
||||
87 | [46.235.156.0](https://vuldb.com/?ip.46.235.156.0) | - | - | High
|
||||
88 | [46.251.96.0](https://vuldb.com/?ip.46.251.96.0) | - | - | High
|
||||
89 | [46.255.120.0](https://vuldb.com/?ip.46.255.120.0) | - | - | High
|
||||
90 | [46.255.122.0](https://vuldb.com/?ip.46.255.122.0) | - | - | High
|
||||
91 | [46.255.126.0](https://vuldb.com/?ip.46.255.126.0) | - | - | High
|
||||
92 | [57.79.196.0](https://vuldb.com/?ip.57.79.196.0) | - | - | High
|
||||
93 | [62.12.64.0](https://vuldb.com/?ip.62.12.64.0) | - | - | High
|
||||
94 | [62.12.81.0](https://vuldb.com/?ip.62.12.81.0) | unassigned.maks.net | - | High
|
||||
95 | [62.12.82.0](https://vuldb.com/?ip.62.12.82.0) | - | - | High
|
||||
96 | [62.12.84.0](https://vuldb.com/?ip.62.12.84.0) | - | - | High
|
||||
97 | [62.12.88.0](https://vuldb.com/?ip.62.12.88.0) | - | - | High
|
||||
98 | [62.122.188.0](https://vuldb.com/?ip.62.122.188.0) | - | - | High
|
||||
99 | [62.152.0.0](https://vuldb.com/?ip.62.152.0.0) | - | - | High
|
||||
100 | [62.204.37.0](https://vuldb.com/?ip.62.204.37.0) | - | - | High
|
||||
101 | ... | ... | ... | ...
|
||||
|
||||
There are 279 more IOC items available. Please use our online service to access the data.
|
||||
There are 398 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -101,7 +131,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
|
@ -117,72 +147,77 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `.github/workflows/combine-prs.yml` | High
|
||||
2 | File | `.htaccess` | Medium
|
||||
3 | File | `/Admin/add-student.php` | High
|
||||
4 | File | `/admin/api/admin/articles/` | High
|
||||
5 | File | `/admin/conferences/list/` | High
|
||||
6 | File | `/admin/edit_admin_details.php?id=admin` | High
|
||||
7 | File | `/admin/generalsettings.php` | High
|
||||
8 | File | `/Admin/login.php` | High
|
||||
9 | File | `/admin/payment.php` | High
|
||||
10 | File | `/admin/reports.php` | High
|
||||
11 | File | `/admin/showbad.php` | High
|
||||
12 | File | `/apilog.php` | Medium
|
||||
13 | File | `/cgi-bin/kerbynet` | High
|
||||
14 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/connectors/index.php` | High
|
||||
16 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
17 | File | `/dms/admin/reports/daily_collection_report.php` | High
|
||||
18 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
19 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
20 | File | `/forum/away.php` | High
|
||||
21 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
22 | File | `/fos/admin/index.php?page=menu` | High
|
||||
2 | File | `/Admin/add-student.php` | High
|
||||
3 | File | `/admin/api/admin/articles/` | High
|
||||
4 | File | `/Admin/login.php` | High
|
||||
5 | File | `/admin/showbad.php` | High
|
||||
6 | File | `/admin/subnets/ripe-query.php` | High
|
||||
7 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
8 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
9 | File | `/apilog.php` | Medium
|
||||
10 | File | `/APR/login.php` | High
|
||||
11 | File | `/bin/httpd` | Medium
|
||||
12 | File | `/cgi-bin/wapopen` | High
|
||||
13 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
14 | File | `/connectors/index.php` | High
|
||||
15 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
16 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
17 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
18 | File | `/forum/away.php` | High
|
||||
19 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
20 | File | `/fos/admin/index.php?page=menu` | High
|
||||
21 | File | `/home/masterConsole` | High
|
||||
22 | File | `/home/sendBroadcast` | High
|
||||
23 | File | `/hrm/employeeadd.php` | High
|
||||
24 | File | `/hrm/employeeview.php` | High
|
||||
25 | File | `/index.php` | Medium
|
||||
26 | File | `/Items/*/RemoteImages/Download` | High
|
||||
27 | File | `/items/view_item.php` | High
|
||||
28 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
29 | File | `/lists/admin/` | High
|
||||
30 | File | `/lookin/info` | Medium
|
||||
31 | File | `/MagickCore/image.c` | High
|
||||
32 | File | `/manager/index.php` | High
|
||||
33 | File | `/medical/inventories.php` | High
|
||||
34 | File | `/modules/profile/index.php` | High
|
||||
35 | File | `/modules/projects/vw_files.php` | High
|
||||
36 | File | `/modules/public/calendar.php` | High
|
||||
37 | File | `/newsDia.php` | Medium
|
||||
38 | File | `/out.php` | Medium
|
||||
39 | File | `/proxy` | Low
|
||||
40 | File | `/public/launchNewWindow.jsp` | High
|
||||
41 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
42 | File | `/reports/rwservlet` | High
|
||||
43 | File | `/sacco_shield/manage_user.php` | High
|
||||
44 | File | `/spip.php` | Medium
|
||||
45 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
46 | File | `/staff/bookdetails.php` | High
|
||||
47 | File | `/TeleoptiWFM/Administration/GetOneTenant` | High
|
||||
48 | File | `/user/update_booking.php` | High
|
||||
49 | File | `/WEB-INF/web.xml` | High
|
||||
50 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
26 | File | `/items/view_item.php` | High
|
||||
27 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
28 | File | `/lookin/info` | Medium
|
||||
29 | File | `/manager/index.php` | High
|
||||
30 | File | `/medical/inventories.php` | High
|
||||
31 | File | `/modules/profile/index.php` | High
|
||||
32 | File | `/modules/projects/vw_files.php` | High
|
||||
33 | File | `/modules/public/calendar.php` | High
|
||||
34 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
35 | File | `/newsDia.php` | Medium
|
||||
36 | File | `/out.php` | Medium
|
||||
37 | File | `/php-opos/index.php` | High
|
||||
38 | File | `/proxy` | Low
|
||||
39 | File | `/public/launchNewWindow.jsp` | High
|
||||
40 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
41 | File | `/reports/rwservlet` | High
|
||||
42 | File | `/sacco_shield/manage_user.php` | High
|
||||
43 | File | `/spip.php` | Medium
|
||||
44 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
45 | File | `/staff/bookdetails.php` | High
|
||||
46 | File | `/uncpath/` | Medium
|
||||
47 | File | `/user/update_booking.php` | High
|
||||
48 | File | `/WEB-INF/web.xml` | High
|
||||
49 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
50 | File | `/wireless/security.asp` | High
|
||||
51 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
52 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
53 | File | `01article.php` | High
|
||||
54 | File | `AbstractScheduleJob.java` | High
|
||||
55 | File | `actionphp/download.File.php` | High
|
||||
56 | File | `AdClass.php` | Medium
|
||||
56 | File | `activenews_view.asp` | High
|
||||
57 | File | `adclick.php` | Medium
|
||||
58 | File | `addtocart.asp` | High
|
||||
59 | ... | ... | ...
|
||||
59 | File | `admin.php` | Medium
|
||||
60 | File | `admin/abc.php` | High
|
||||
61 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
62 | File | `admin/admin/adminsave.html` | High
|
||||
63 | ... | ... | ...
|
||||
|
||||
There are 520 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 556 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/geolite2_country/country_cy.netset
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_cy.netset
|
||||
|
||||
## Literature
|
||||
|
||||
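Review bot: The IOC table in this section lists `31.209.96.0`, `31.209.96.1`, `31.209.96.2`, `31.209.96.4` and so on up to `31.209.96.128` as single IP addresses with confidence High, while the References name only the two firehol country netsets (`country_cy.netset`, `ip2location_country_cy.netset`). That pattern suggests CIDR entries whose prefix length was dropped; this is inferred, since the netsets themselves are not shown on the page. Without the prefix, a consumer loading these rows will match one host instead of the range. I would keep the prefix in the indicator column, e.g. `31.209.96.0/<prefix-from-netset>` (placeholder), and add a line above the table such as `Entries are country-level network ranges taken from geolocation data, not individually observed hosts.`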
|
|
|
@ -54,7 +54,7 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `/uncpath/` | Medium
|
||||
4 | ... | ... | ...
|
||||
|
||||
There are 24 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 25 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -74,9 +74,10 @@ ID | Type | Indicator | Confidence
|
|||
19 | File | `add_comment.php` | High
|
||||
20 | File | `admin.php` | Medium
|
||||
21 | File | `admin/admin.shtml` | High
|
||||
22 | ... | ... | ...
|
||||
22 | File | `admin/content.php` | High
|
||||
23 | ... | ... | ...
|
||||
|
||||
There are 186 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 189 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -59,7 +59,7 @@ ID | Type | Indicator | Confidence
|
|||
10 | File | `archivejson.cgi` | High
|
||||
11 | ... | ... | ...
|
||||
|
||||
There are 81 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 83 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -58,7 +58,7 @@ ID | Type | Indicator | Confidence
|
|||
8 | File | `add_comment.php` | High
|
||||
9 | ... | ... | ...
|
||||
|
||||
There are 62 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 64 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -4,6 +4,12 @@ These _indicators_ were reported, collected, and generated during the [VulDB CTI
|
|||
|
||||
_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.darkwatchman](https://vuldb.com/?actor.darkwatchman)
|
||||
|
||||
## Countries
|
||||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with DarkWatchman:
|
||||
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of DarkWatchman.
|
||||
|
@ -12,6 +18,14 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [45.156.27.245](https://vuldb.com/?ip.45.156.27.245) | dasee-1.net7.dns.cloudbackbone.net | - | High
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _DarkWatchman_. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1600 | CWE-310 | J2EE Misconfiguration: Data Transmission Without Encryption | High
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [BR](https://vuldb.com/?country.br)
|
||||
* ...
|
||||
|
||||
There are 6 more country items available. Please use our online service to access the data.
|
||||
There are 7 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -55,11 +55,11 @@ ID | Type | Indicator | Confidence
|
|||
6 | File | `/wp-admin/admin-post.php?es_skip=1&option_name` | High
|
||||
7 | File | `admin/google_search_console/class-gsc-table.php` | High
|
||||
8 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
9 | File | `cgi-bin/qcmap_web_cgi` | High
|
||||
10 | File | `class/debug/debug_show.php` | High
|
||||
9 | File | `appserv/main.php` | High
|
||||
10 | File | `cgi-bin/qcmap_web_cgi` | High
|
||||
11 | ... | ... | ...
|
||||
|
||||
There are 83 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 85 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -9,6 +9,7 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Dealply:
|
||||
|
||||
* [IT](https://vuldb.com/?country.it)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -33,13 +34,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-24, CWE-27, CWE-29 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-24, CWE-25, CWE-27, CWE-29 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -47,51 +48,59 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
2 | File | `/admin.php/update/getFile.html` | High
|
||||
3 | File | `/admin/?page=user/manage` | High
|
||||
4 | File | `/admin/add-new.php` | High
|
||||
5 | File | `/admin/ajax.php` | High
|
||||
6 | File | `/admin/content/index` | High
|
||||
7 | File | `/admin/convert/export_z3950_new.php` | High
|
||||
8 | File | `/admin/delete_user.php` | High
|
||||
9 | File | `/admin/doctors.php` | High
|
||||
10 | File | `/admin/edit-doc.php` | High
|
||||
11 | File | `/admin/index3.php` | High
|
||||
12 | File | `/admin/login.php` | High
|
||||
13 | File | `/admin/main/mod-blog` | High
|
||||
14 | File | `/admin/manage_user.php` | High
|
||||
15 | File | `/admin/navbar.php` | High
|
||||
16 | File | `/admin/patient.php` | High
|
||||
17 | File | `/admin/upload` | High
|
||||
18 | File | `/admin/view_order.php` | High
|
||||
19 | File | `/admin1/config/update` | High
|
||||
20 | File | `/admin1/file/download` | High
|
||||
21 | File | `/agc/vicidial.php` | High
|
||||
22 | File | `/ajax/update_certificate` | High
|
||||
23 | File | `/alphaware/summary.php` | High
|
||||
24 | File | `/api/admin/system/store/order/list` | High
|
||||
25 | File | `/api/admin/user/list` | High
|
||||
26 | File | `/api/jmeter/download/files` | High
|
||||
27 | File | `/APR/login.php` | High
|
||||
28 | File | `/APR/signup.php` | High
|
||||
29 | File | `/billing/home.php` | High
|
||||
30 | File | `/boat/login.php` | High
|
||||
31 | File | `/cgi-bin/mainfunction.cgi` | High
|
||||
32 | File | `/cgi-bin/mft/wireless_mft` | High
|
||||
33 | File | `/data/config.ftp.php` | High
|
||||
34 | File | `/databases/database/edit` | High
|
||||
35 | File | `/databases/database/list` | High
|
||||
36 | File | `/databases/table/columns` | High
|
||||
37 | File | `/databases/table/list` | High
|
||||
38 | File | `/dist/index.js` | High
|
||||
39 | File | `/editor/index.php` | High
|
||||
40 | File | `/edoc/doctor/patient.php` | High
|
||||
41 | File | `/eduauth/student/search.php` | High
|
||||
42 | File | `/etc/init.d/openfire` | High
|
||||
43 | ... | ... | ...
|
||||
1 | File | `/admin.php/appcenter/local.html?type=addon` | High
|
||||
2 | File | `/admin.php?controller=admin_commonuser` | High
|
||||
3 | File | `/admin/ajax.php` | High
|
||||
4 | File | `/admin/assign/assign.php` | High
|
||||
5 | File | `/admin/content/index` | High
|
||||
6 | File | `/admin/convert/export_z3950_new.php` | High
|
||||
7 | File | `/admin/delete_user.php` | High
|
||||
8 | File | `/admin/getallarticleinfo` | High
|
||||
9 | File | `/admin/login.php` | High
|
||||
10 | File | `/admin/manage_user.php` | High
|
||||
11 | File | `/admin/navbar.php` | High
|
||||
12 | File | `/admin/reports/index.php` | High
|
||||
13 | File | `/admin/robot/approval/list` | High
|
||||
14 | File | `/admin/upload` | High
|
||||
15 | File | `/admin/view_order.php` | High
|
||||
16 | File | `/admin1/file/download` | High
|
||||
17 | File | `/admin_system/api.php` | High
|
||||
18 | File | `/agc/vicidial.php` | High
|
||||
19 | File | `/alphaware/details.php` | High
|
||||
20 | File | `/analysisProject/pagingQueryData` | High
|
||||
21 | File | `/api/admin/store/product/list` | High
|
||||
22 | File | `/api/admin/store/product/save` | High
|
||||
23 | File | `/api/admin/user/list` | High
|
||||
24 | File | `/api/jmeter/download/files` | High
|
||||
25 | File | `/api/upload` | Medium
|
||||
26 | File | `/batm/app/admin/standalone/deployments` | High
|
||||
27 | File | `/billing/home.php` | High
|
||||
28 | File | `/bookstore/bookPerPub.php` | High
|
||||
29 | File | `/bsenordering/index.php` | High
|
||||
30 | File | `/churchcrm/EventAttendance.php` | High
|
||||
31 | File | `/common/sysFile/list` | High
|
||||
32 | File | `/databases/database/edit` | High
|
||||
33 | File | `/databases/database/list` | High
|
||||
34 | File | `/databases/table/columns` | High
|
||||
35 | File | `/databases/table/list` | High
|
||||
36 | File | `/ecommerce/admin/category/controller.php` | High
|
||||
37 | File | `/ecommerce/admin/settings/setDiscount.php` | High
|
||||
38 | File | `/ecommerce/admin/user/controller.php?action=edit` | High
|
||||
39 | File | `/eduauth/student/search.php` | High
|
||||
40 | File | `/etc/init.d/openfire` | High
|
||||
41 | File | `/feeds/post/publish` | High
|
||||
42 | File | `/files/list-file` | High
|
||||
43 | File | `/file_manager/login.php` | High
|
||||
44 | File | `/geoserver/rest/about/status` | High
|
||||
45 | File | `/https_redirect.php` | High
|
||||
46 | File | `/kruxton/manage_user.php` | High
|
||||
47 | File | `/kruxton/navbar.php` | High
|
||||
48 | File | `/kruxton/receipt.php` | High
|
||||
49 | File | `/kruxton/sales_report.php` | High
|
||||
50 | File | `/NotrinosERP/sales/customer_delivery.php` | High
|
||||
51 | ... | ... | ...
|
||||
|
||||
There are 372 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 447 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -46,7 +46,7 @@ ID | Type | Indicator | Confidence
|
|||
4 | File | `data/gbconfiguration.dat` | High
|
||||
5 | ... | ... | ...
|
||||
|
||||
There are 27 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 29 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -16,11 +16,11 @@ The following _campaigns_ are known and can be associated with Donot:
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Donot:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [CH](https://vuldb.com/?country.ch)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [CH](https://vuldb.com/?country.ch)
|
||||
* ...
|
||||
|
||||
There are 5 more country items available. Please use our online service to access the data.
|
||||
There are 7 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -54,7 +54,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 15 more TTP items available. Please use our online service to access the data.
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -95,9 +95,11 @@ ID | Type | Indicator | Confidence
|
|||
31 | File | `/dashboard/add-blog.php` | High
|
||||
32 | File | `/dashboard/add-portfolio.php` | High
|
||||
33 | File | `/dashboard/settings` | High
|
||||
34 | ... | ... | ...
|
||||
34 | File | `/downloadmaster/dm_apply.cgi?action_mode=initial&download_type=General&special_cgi=get_language` | High
|
||||
35 | File | `/film-rating.php` | High
|
||||
36 | ... | ... | ...
|
||||
|
||||
There are 292 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 304 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
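Review bot: The Description column in the TTP table of this section does not follow the Weakness column: the row `4 | T1059 | CWE-94 | Cross Site Scripting | High` labels a code-injection weakness (CWE-94) under ATT&CK T1059 as cross-site scripting, which belongs with CWE-79/CWE-80 and T1059.007. The same label recurs in the TTP hunks at `@ -822,13`, `@ -48,7 +96,7`, `@ -24822,12` and `@ -97,7` further down, and in the `@ -822,13` hunk row 2 keeps `Authentication Bypass by Capture-replay` (the name of CWE-294) in both printed variants, one of which lists only CWE-319. Anyone mapping these rows to detections or control gaps would file them under the wrong weakness class, so the description should be derived from the listed CWE, e.g. `4 | T1059 | CWE-94 | Code Injection | High`. The table begins above the hunk, so its header and earlier rows are not visible here.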
|
||||
|
||||
|
|
|
@ -15,8 +15,11 @@ The following _campaigns_ are known and can be associated with Earth Kitsune:
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Earth Kitsune:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [RU](https://vuldb.com/?country.ru)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* ...
|
||||
|
||||
There are 1 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 14 more country items available. Please use our online service to access the data.
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -813,7 +813,7 @@ ID | IP address | Hostname | Campaign | Confidence
|
|||
790 | [64.227.100.222](https://vuldb.com/?ip.64.227.100.222) | - | - | High
|
||||
791 | ... | ... | ... | ...
|
||||
|
||||
There are 3160 more IOC items available. Please use our online service to access the data.
|
||||
There are 3161 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -822,13 +822,13 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -836,34 +836,49 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.dbus-keyrings` | High
|
||||
2 | File | `/.env` | Low
|
||||
3 | File | `/api/blade-log/api/list` | High
|
||||
4 | File | `/bin/sh` | Low
|
||||
5 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
6 | File | `/cimom` | Low
|
||||
7 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
8 | File | `/data/wps.setup.json` | High
|
||||
9 | File | `/debug/pprof` | Medium
|
||||
10 | File | `/forum/away.php` | High
|
||||
11 | File | `/forum/PostPrivateMessage` | High
|
||||
12 | File | `/officescan/console/html/cgi/fcgiOfcDDA.exe` | High
|
||||
13 | File | `/public/login.htm` | High
|
||||
14 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
15 | File | `/spip.php` | Medium
|
||||
16 | File | `/usr/bin/pkexec` | High
|
||||
17 | File | `/wp-admin/admin-ajax.php` | High
|
||||
18 | File | `/wp-admin/options.php` | High
|
||||
19 | File | `/wp-json/oembed/1.0/embed?url` | High
|
||||
20 | File | `adclick.php` | Medium
|
||||
21 | File | `adminer.php` | Medium
|
||||
22 | File | `api.php` | Low
|
||||
23 | File | `APKINDEX.tar.gz` | High
|
||||
24 | File | `AtlTraceTool8.exe` | High
|
||||
25 | File | `AutomaticZenRule.java` | High
|
||||
26 | ... | ... | ...
|
||||
1 | File | `//` | Low
|
||||
2 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
3 | File | `/admin/?page=user/manage` | High
|
||||
4 | File | `/admin/add-new.php` | High
|
||||
5 | File | `/admin/delete_user.php` | High
|
||||
6 | File | `/admin/doctors.php` | High
|
||||
7 | File | `/admin/patient.php` | High
|
||||
8 | File | `/alphaware/summary.php` | High
|
||||
9 | File | `/api/` | Low
|
||||
10 | File | `/api/admin/system/store/order/list` | High
|
||||
11 | File | `/api/jmeter/download/files` | High
|
||||
12 | File | `/api/upload` | Medium
|
||||
13 | File | `/APR/login.php` | High
|
||||
14 | File | `/boat/login.php` | High
|
||||
15 | File | `/carbon/ndatasource/validateconnection/ajaxprocessor.jsp` | High
|
||||
16 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
17 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
18 | File | `/common/sysFile/list` | High
|
||||
19 | File | `/debug/pprof` | Medium
|
||||
20 | File | `/DXR.axd` | Medium
|
||||
21 | File | `/etc/sudoers` | Medium
|
||||
22 | File | `/filemanager/php/connector.php` | High
|
||||
23 | File | `/files/import` | High
|
||||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/getcfg.php` | Medium
|
||||
26 | File | `/goform/addressNat` | High
|
||||
27 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
28 | File | `/j_security_check` | High
|
||||
29 | File | `/librarian/bookdetails.php` | High
|
||||
30 | File | `/mhds/clinic/view_details.php` | High
|
||||
31 | File | `/modules/projects/vw_files.php` | High
|
||||
32 | File | `/reservation/add_message.php` | High
|
||||
33 | File | `/rom-0` | Low
|
||||
34 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
35 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
36 | File | `/static/ueditor/php/controller.php` | High
|
||||
37 | File | `/usr/bin/at` | Medium
|
||||
38 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
39 | File | `/wabt/bin/poc.wasm` | High
|
||||
40 | File | `/wireless/security.asp` | High
|
||||
41 | ... | ... | ...
|
||||
|
||||
There are 222 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 354 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
@ -970,6 +985,7 @@ The following list contains _external sources_ which discuss the actor and the a
|
|||
* https://github.com/A-dd-Y/secops/blob/main/MalwareIOC/triage-emotet-c2.txt
|
||||
* https://github.com/blackorbird/APT_REPORT/blob/master/cybercrime/emotet/Emotet_Exposed_A_Look_Inside_the_Cybercriminal_Supply_Chain.pdf
|
||||
* https://github.com/Cisco-Talos/IOCs/blob/main/2022/11/Emotet_contacted_ips.txt
|
||||
* https://github.com/Cisco-Talos/IOCs/blob/main/2023/03/emotet-switches-to-onenote.txt
|
||||
* https://github.com/executemalware/Malware-IOCs/blob/main/2021-11-17%20Emotet%20IOCs
|
||||
* https://github.com/executemalware/Malware-IOCs/blob/main/2021-12-09%20Emotet%20IOCs
|
||||
* https://github.com/executemalware/Malware-IOCs/blob/main/2022-01-20%20Emotet%20IOCs
|
||||
|
|
|
@ -14,12 +14,12 @@ The following _campaigns_ are known and can be associated with Equation:
|
|||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Equation:
|
||||
|
||||
* [ES](https://vuldb.com/?country.es)
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [GB](https://vuldb.com/?country.gb)
|
||||
* [KE](https://vuldb.com/?country.ke)
|
||||
* [PK](https://vuldb.com/?country.pk)
|
||||
* [KR](https://vuldb.com/?country.kr)
|
||||
* ...
|
||||
|
||||
There are 4 more country items available. Please use our online service to access the data.
|
||||
There are 1 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -28,14 +28,62 @@ These _indicators of compromise_ (IOC) indicate associated network resources whi
|
|||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [41.222.35.70](https://vuldb.com/?ip.41.222.35.70) | 70.35.static.rdns.co.za | - | High
|
||||
2 | [62.216.152.67](https://vuldb.com/?ip.62.216.152.67) | - | - | High
|
||||
3 | [64.76.82.52](https://vuldb.com/?ip.64.76.82.52) | c647682-52.static.impsat.com.co | - | High
|
||||
4 | [80.77.4.3](https://vuldb.com/?ip.80.77.4.3) | - | - | High
|
||||
5 | [81.31.34.175](https://vuldb.com/?ip.81.31.34.175) | 81-31-34-175.static.masterinter.net | - | High
|
||||
6 | [81.31.36.174](https://vuldb.com/?ip.81.31.36.174) | vl504.sl509s.r1-3.dc1.4d.prg.masterinter.net | - | High
|
||||
7 | ... | ... | ... | ...
|
||||
2 | [61.0.0.46](https://vuldb.com/?ip.61.0.0.46) | - | - | High
|
||||
3 | [61.0.0.71](https://vuldb.com/?ip.61.0.0.71) | - | - | High
|
||||
4 | [61.1.64.45](https://vuldb.com/?ip.61.1.64.45) | - | - | High
|
||||
5 | [61.1.128.17](https://vuldb.com/?ip.61.1.128.17) | - | - | High
|
||||
6 | [61.1.128.71](https://vuldb.com/?ip.61.1.128.71) | - | - | High
|
||||
7 | [62.56.174.152](https://vuldb.com/?ip.62.56.174.152) | - | - | High
|
||||
8 | [62.76.114.22](https://vuldb.com/?ip.62.76.114.22) | - | - | High
|
||||
9 | [62.116.144.147](https://vuldb.com/?ip.62.116.144.147) | live.onsite-it.net | - | High
|
||||
10 | [62.116.144.150](https://vuldb.com/?ip.62.116.144.150) | onsite.onsite-it.net | - | High
|
||||
11 | [62.116.144.190](https://vuldb.com/?ip.62.116.144.190) | acronistest.kuhlma-cloud.de | - | High
|
||||
12 | [62.216.152.67](https://vuldb.com/?ip.62.216.152.67) | - | - | High
|
||||
13 | [64.76.82.52](https://vuldb.com/?ip.64.76.82.52) | c647682-52.static.impsat.com.co | - | High
|
||||
14 | [66.128.32.67](https://vuldb.com/?ip.66.128.32.67) | host-67-32-128-66.rev.itelsa.com.ar | - | High
|
||||
15 | [66.128.32.68](https://vuldb.com/?ip.66.128.32.68) | host-68-32-128-66.rev.itelsa.com.ar | - | High
|
||||
16 | [80.77.4.3](https://vuldb.com/?ip.80.77.4.3) | - | - | High
|
||||
17 | [80.82.162.118](https://vuldb.com/?ip.80.82.162.118) | - | - | High
|
||||
18 | [80.191.2.2](https://vuldb.com/?ip.80.191.2.2) | - | - | High
|
||||
19 | [81.31.34.175](https://vuldb.com/?ip.81.31.34.175) | 81-31-34-175.static.masterinter.net | - | High
|
||||
20 | [81.31.36.174](https://vuldb.com/?ip.81.31.36.174) | vl504.sl509s.r1-3.dc1.4d.prg.masterinter.net | - | High
|
||||
21 | [81.31.38.163](https://vuldb.com/?ip.81.31.38.163) | 81-31-38-163.static.masterinter.net | - | High
|
||||
22 | [81.31.38.166](https://vuldb.com/?ip.81.31.38.166) | 81-31-38-166.static.masterinter.net | - | High
|
||||
23 | [81.94.47.83](https://vuldb.com/?ip.81.94.47.83) | - | - | High
|
||||
24 | [82.192.68.37](https://vuldb.com/?ip.82.192.68.37) | - | - | High
|
||||
25 | [84.233.205.99](https://vuldb.com/?ip.84.233.205.99) | - | - | High
|
||||
26 | [85.112.1.83](https://vuldb.com/?ip.85.112.1.83) | - | - | High
|
||||
27 | [87.255.38.2](https://vuldb.com/?ip.87.255.38.2) | - | - | High
|
||||
28 | [88.147.128.28](https://vuldb.com/?ip.88.147.128.28) | mail.san.ru | - | High
|
||||
29 | [89.18.177.3](https://vuldb.com/?ip.89.18.177.3) | 89-18-177-3.reasonnet.com | - | High
|
||||
30 | [109.71.45.115](https://vuldb.com/?ip.109.71.45.115) | smtp-out.wisdomgroup.pt | Gauss | High
|
||||
31 | [125.10.31.145](https://vuldb.com/?ip.125.10.31.145) | 125-10-31-145.rev.home.ne.jp | - | High
|
||||
32 | [129.187.244.204](https://vuldb.com/?ip.129.187.244.204) | mailrelay2.rz.fh-muenchen.de | - | High
|
||||
33 | [129.194.41.4](https://vuldb.com/?ip.129.194.41.4) | - | - | High
|
||||
34 | [129.194.49.47](https://vuldb.com/?ip.129.194.49.47) | - | - | High
|
||||
35 | [129.194.97.8](https://vuldb.com/?ip.129.194.97.8) | - | - | High
|
||||
36 | [130.34.115.132](https://vuldb.com/?ip.130.34.115.132) | ns2.chem.tohoku.ac.jp | - | High
|
||||
37 | [130.134.115.132](https://vuldb.com/?ip.130.134.115.132) | - | - | High
|
||||
38 | [130.237.234.3](https://vuldb.com/?ip.130.237.234.3) | milko.stacken.kth.se | - | High
|
||||
39 | [130.237.234.17](https://vuldb.com/?ip.130.237.234.17) | ns.stacken.kth.se | - | High
|
||||
40 | [130.237.234.51](https://vuldb.com/?ip.130.237.234.51) | - | - | High
|
||||
41 | [130.237.234.53](https://vuldb.com/?ip.130.237.234.53) | ns53.stacken.kth.se | - | High
|
||||
42 | [130.237.234.151](https://vuldb.com/?ip.130.237.234.151) | mount-kilimanjaro.stacken.kth.se | - | High
|
||||
43 | [130.237.234.152](https://vuldb.com/?ip.130.237.234.152) | snacks.stacken.kth.se | - | High
|
||||
44 | [131.188.3.200](https://vuldb.com/?ip.131.188.3.200) | reserved.rrze.uni-erlangen.de | - | High
|
||||
45 | [132.248.10.2](https://vuldb.com/?ip.132.248.10.2) | dns2.unam.mx | - | High
|
||||
46 | [132.248.204.1](https://vuldb.com/?ip.132.248.204.1) | dns1.unam.mx | - | High
|
||||
47 | [132.248.253.1](https://vuldb.com/?ip.132.248.253.1) | ve53.zc-dist.unam.mx | - | High
|
||||
48 | [133.3.5.2](https://vuldb.com/?ip.133.3.5.2) | pfdsun.kuicr.kyoto-u.ac.jp | - | High
|
||||
49 | [133.3.5.20](https://vuldb.com/?ip.133.3.5.20) | icrsun.kuicr.kyoto-u.ac.jp | - | High
|
||||
50 | [133.3.5.30](https://vuldb.com/?ip.133.3.5.30) | - | - | High
|
||||
51 | [133.3.5.33](https://vuldb.com/?ip.133.3.5.33) | sms.uji.kyoto-u.ac.jp | - | High
|
||||
52 | [133.26.135.224](https://vuldb.com/?ip.133.26.135.224) | - | - | High
|
||||
53 | [133.31.106.46](https://vuldb.com/?ip.133.31.106.46) | ci970000.ci.noda.sut.ac.jp | - | High
|
||||
54 | [133.41.145.11](https://vuldb.com/?ip.133.41.145.11) | 145-011.eduroam.hiroshima-u.ac.jp | - | High
|
||||
55 | ... | ... | ... | ...
|
||||
|
||||
There are 24 more IOC items available. Please use our online service to access the data.
|
||||
There are 214 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
|
@ -48,7 +96,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 9 more TTP items available. Please use our online service to access the data.
|
||||
There are 13 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -56,17 +104,23 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/data/wps.setup.json` | High
|
||||
2 | File | `/exec/` | Low
|
||||
3 | File | `/lists/index.php` | High
|
||||
4 | ... | ... | ...
|
||||
1 | File | `.htaccess` | Medium
|
||||
2 | File | `/.env` | Low
|
||||
3 | File | `/aux` | Low
|
||||
4 | File | `/cgi-bin/kerbynet` | High
|
||||
5 | File | `/cgi-bin/system_mgr.cgi` | High
|
||||
6 | File | `/cgi-bin/upload_vpntar` | High
|
||||
7 | File | `/edit-db.php` | Medium
|
||||
8 | File | `/EXCU_SHELL` | Medium
|
||||
9 | ... | ... | ...
|
||||
|
||||
There are 19 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 66 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/blackorbird/APT_REPORT/blob/master/EquationGroup/The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.en.pdf
|
||||
* https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/08064459/Equation_group_questions_and_answers.pdf
|
||||
* https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/20134940/kaspersky-lab-gauss.pdf
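Review bot: The expanded IOC table in the `@ -28,14 +28,62` hunk rates every row `High`, yet many of the listed hostnames look like university name servers and mail relays (for example `ns.stacken.kth.se`, `dns1.unam.mx`, `mailrelay2.rz.fh-muenchen.de`). That suggests third-party hosts seen in transit rather than actor-owned infrastructure, although the table itself cannot confirm it. With no role or last-seen column, a consumer who loads the list into a blocklist risks cutting off legitimate DNS and mail services. I would add a sentence under the table such as `Entries may be third-party hosts and may be years old; use them for retrospective log matching and verify current ownership before blocking.`, and consider a column that separates actor-controlled from intermediary addresses.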
|
||||
|
||||
|
|
|
@ -9,11 +9,11 @@ _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com
|
|||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Europe Unknown:
|
||||
|
||||
* [US](https://vuldb.com/?country.us)
|
||||
* [SH](https://vuldb.com/?country.sh)
|
||||
* [CN](https://vuldb.com/?country.cn)
|
||||
* [JP](https://vuldb.com/?country.jp)
|
||||
* ...
|
||||
|
||||
There are 27 more country items available. Please use our online service to access the data.
|
||||
There are 24 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -24822,12 +24822,12 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
There are 16 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -24835,49 +24835,78 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `$GIT_DIR/objects` | High
|
||||
2 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
3 | File | `/admin.php/update/getFile.html` | High
|
||||
4 | File | `/admin/` | Low
|
||||
5 | File | `/admin/?page=user/manage` | High
|
||||
6 | File | `/admin/add-new.php` | High
|
||||
7 | File | `/admin/admin_manage/delete` | High
|
||||
8 | File | `/admin/doctors.php` | High
|
||||
9 | File | `/admin/edit-doc.php` | High
|
||||
10 | File | `/admin/index2.html` | High
|
||||
11 | File | `/admin/index3.php` | High
|
||||
12 | File | `/admin/patient.php` | High
|
||||
13 | File | `/admin/scripts/pi-hole/phpqueryads.php` | High
|
||||
14 | File | `/adms/admin/?page=user/manage_user` | High
|
||||
15 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
16 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
17 | File | `/adms/classes/Users.php` | High
|
||||
18 | File | `/APR/signup.php` | High
|
||||
19 | File | `/backup.pl` | Medium
|
||||
20 | File | `/bin/sh` | Low
|
||||
21 | File | `/boat/login.php` | High
|
||||
22 | File | `/cgi-bin/mainfunction.cgi` | High
|
||||
23 | File | `/cgi-bin/supervisor/adcommand.cgi` | High
|
||||
24 | File | `/cgi-bin/supervisor/CloudSetup.cgi` | High
|
||||
25 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
26 | File | `/cmscp/ext/collect/fetch_url.do` | High
|
||||
27 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
28 | File | `/controller/OnlinePreviewController.java` | High
|
||||
29 | File | `/data/config.ftp.php` | High
|
||||
30 | File | `/debug/pprof` | Medium
|
||||
31 | File | `/editor/index.php` | High
|
||||
32 | File | `/edoc/doctor/patient.php` | High
|
||||
33 | File | `/forms/doLogin` | High
|
||||
34 | File | `/forum/away.php` | High
|
||||
35 | File | `/IISADMPWD` | Medium
|
||||
36 | File | `/Moosikay/order.php` | High
|
||||
37 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
38 | File | `/out.php` | Medium
|
||||
39 | File | `/pet_shop/admin/orders/update_status.php` | High
|
||||
40 | File | `/php-fusion/infusions/shoutbox_panel/shoutbox_archive.php` | High
|
||||
41 | ... | ... | ...
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/?ajax-request=jnews` | High
|
||||
3 | File | `/admin/` | Low
|
||||
4 | File | `/admin/ajax.php` | High
|
||||
5 | File | `/admin/content/index` | High
|
||||
6 | File | `/admin/delete_user.php` | High
|
||||
7 | File | `/admin/index3.php` | High
|
||||
8 | File | `/admin/login.php` | High
|
||||
9 | File | `/admin/patient.php` | High
|
||||
10 | File | `/admin_system/api.php` | High
|
||||
11 | File | `/ad_js.php` | Medium
|
||||
12 | File | `/alphaware/summary.php` | High
|
||||
13 | File | `/alumni/admin/ajax.php?action=save_settings` | High
|
||||
14 | File | `/api/v1/attack/falco` | High
|
||||
15 | File | `/APR/login.php` | High
|
||||
16 | File | `/APR/signup.php` | High
|
||||
17 | File | `/aux` | Low
|
||||
18 | File | `/backup.pl` | Medium
|
||||
19 | File | `/categorypage.php` | High
|
||||
20 | File | `/cgi-bin/wapopen` | High
|
||||
21 | File | `/cha.php` | Medium
|
||||
22 | File | `/College/admin/teacher.php` | High
|
||||
23 | File | `/drivers/block/floppy.c` | High
|
||||
24 | File | `/edoc/doctor/patient.php` | High
|
||||
25 | File | `/etc/shadow` | Medium
|
||||
26 | File | `/etc/tomcat8/Catalina/attack` | High
|
||||
27 | File | `/file_manager/login.php` | High
|
||||
28 | File | `/forum/away.php` | High
|
||||
29 | File | `/fos/admin/ajax.php` | High
|
||||
30 | File | `/fos/admin/ajax.php?action=save_settings` | High
|
||||
31 | File | `/mims/login.php` | High
|
||||
32 | File | `/Moosikay/order.php` | High
|
||||
33 | File | `/ordering/admin/orders/loaddata.php` | High
|
||||
34 | File | `/ordering/admin/stockin/loaddata.php` | High
|
||||
35 | File | `/param.file.tgz` | High
|
||||
36 | File | `/philosophy/admin/login.php` | High
|
||||
37 | File | `/philosophy/admin/user/controller.php?action=add` | High
|
||||
38 | File | `/php-opos/login.php` | High
|
||||
39 | File | `/priv_mgt.html` | High
|
||||
40 | File | `/proxy` | Low
|
||||
41 | File | `/public/launchNewWindow.jsp` | High
|
||||
42 | File | `/reservation/add_message.php` | High
|
||||
43 | File | `/resources//../` | High
|
||||
44 | File | `/rest/project-templates/1.0/createshared` | High
|
||||
45 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
46 | File | `/spip.php` | Medium
|
||||
47 | File | `/textpattern/index.php` | High
|
||||
48 | File | `/tmp` | Low
|
||||
49 | File | `/upload` | Low
|
||||
50 | File | `/vendor/views/add_product.php` | High
|
||||
51 | File | `3G/UMTS` | Low
|
||||
52 | File | `account/signup.php` | High
|
||||
53 | File | `AcquisiAction.class.php` | High
|
||||
54 | File | `activenews_view.asp` | High
|
||||
55 | File | `ad-blocking-detector.php` | High
|
||||
56 | File | `ad.php` | Low
|
||||
57 | File | `addentry.php` | Medium
|
||||
58 | File | `addmem.php` | Medium
|
||||
59 | File | `admin-ajax.php` | High
|
||||
60 | File | `admin.php` | Medium
|
||||
61 | File | `admin/?page=admin` | High
|
||||
62 | File | `admin/?page=students/view_student` | High
|
||||
63 | File | `admin/?page=user/list` | High
|
||||
64 | File | `admin/ab.php` | Medium
|
||||
65 | File | `admin/adminlog.php` | High
|
||||
66 | File | `admin/admin_editor.php` | High
|
||||
67 | File | `admin/ajax.php?action=login2` | High
|
||||
68 | File | `admin/categories/manage_category.php` | High
|
||||
69 | File | `admin/clients/view_client.php` | High
|
||||
70 | ... | ... | ...
|
||||
|
||||
There are 354 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 616 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -49,65 +49,68 @@ ID | Type | Indicator | Confidence
|
|||
1 | File | `.github/workflows/combine-prs.yml` | High
|
||||
2 | File | `/Admin/add-student.php` | High
|
||||
3 | File | `/admin/api/admin/articles/` | High
|
||||
4 | File | `/admin/conferences/list/` | High
|
||||
5 | File | `/Admin/login.php` | High
|
||||
6 | File | `/admin/showbad.php` | High
|
||||
7 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
8 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
9 | File | `/apilog.php` | Medium
|
||||
10 | File | `/APR/login.php` | High
|
||||
11 | File | `/bin/httpd` | Medium
|
||||
12 | File | `/cgi-bin/wapopen` | High
|
||||
13 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
14 | File | `/connectors/index.php` | High
|
||||
15 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
16 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
17 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
18 | File | `/forum/away.php` | High
|
||||
19 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
20 | File | `/fos/admin/index.php?page=menu` | High
|
||||
21 | File | `/home/masterConsole` | High
|
||||
22 | File | `/home/sendBroadcast` | High
|
||||
23 | File | `/hrm/employeeadd.php` | High
|
||||
24 | File | `/hrm/employeeview.php` | High
|
||||
25 | File | `/index.php` | Medium
|
||||
26 | File | `/items/view_item.php` | High
|
||||
27 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
28 | File | `/lookin/info` | Medium
|
||||
29 | File | `/manager/index.php` | High
|
||||
30 | File | `/medical/inventories.php` | High
|
||||
31 | File | `/modules/profile/index.php` | High
|
||||
32 | File | `/modules/projects/vw_files.php` | High
|
||||
33 | File | `/modules/public/calendar.php` | High
|
||||
34 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
35 | File | `/newsDia.php` | Medium
|
||||
36 | File | `/out.php` | Medium
|
||||
37 | File | `/php-opos/index.php` | High
|
||||
38 | File | `/proxy` | Low
|
||||
39 | File | `/public/launchNewWindow.jsp` | High
|
||||
40 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
41 | File | `/reports/rwservlet` | High
|
||||
42 | File | `/sacco_shield/manage_user.php` | High
|
||||
43 | File | `/spip.php` | Medium
|
||||
44 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
45 | File | `/staff/bookdetails.php` | High
|
||||
46 | File | `/uncpath/` | Medium
|
||||
47 | File | `/user/update_booking.php` | High
|
||||
48 | File | `/WEB-INF/web.xml` | High
|
||||
49 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
50 | File | `/wireless/security.asp` | High
|
||||
51 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
52 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
53 | File | `01article.php` | High
|
||||
54 | File | `AbstractScheduleJob.java` | High
|
||||
55 | File | `actionphp/download.File.php` | High
|
||||
4 | File | `/Admin/login.php` | High
|
||||
5 | File | `/admin/showbad.php` | High
|
||||
6 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
7 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
8 | File | `/apilog.php` | Medium
|
||||
9 | File | `/APR/login.php` | High
|
||||
10 | File | `/bin/httpd` | Medium
|
||||
11 | File | `/cgi-bin/wapopen` | High
|
||||
12 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
13 | File | `/connectors/index.php` | High
|
||||
14 | File | `/dev/block/mmcblk0rpmb` | High
|
||||
15 | File | `/DocSystem/Repos/getReposAllUsers.do` | High
|
||||
16 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
17 | File | `/forum/away.php` | High
|
||||
18 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
19 | File | `/fos/admin/index.php?page=menu` | High
|
||||
20 | File | `/home/masterConsole` | High
|
||||
21 | File | `/home/sendBroadcast` | High
|
||||
22 | File | `/hrm/employeeadd.php` | High
|
||||
23 | File | `/hrm/employeeview.php` | High
|
||||
24 | File | `/index.php` | Medium
|
||||
25 | File | `/items/view_item.php` | High
|
||||
26 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
27 | File | `/lookin/info` | Medium
|
||||
28 | File | `/manager/index.php` | High
|
||||
29 | File | `/medical/inventories.php` | High
|
||||
30 | File | `/modules/profile/index.php` | High
|
||||
31 | File | `/modules/projects/vw_files.php` | High
|
||||
32 | File | `/modules/public/calendar.php` | High
|
||||
33 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
34 | File | `/newsDia.php` | Medium
|
||||
35 | File | `/out.php` | Medium
|
||||
36 | File | `/php-opos/index.php` | High
|
||||
37 | File | `/proxy` | Low
|
||||
38 | File | `/public/launchNewWindow.jsp` | High
|
||||
39 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
40 | File | `/reports/rwservlet` | High
|
||||
41 | File | `/sacco_shield/manage_user.php` | High
|
||||
42 | File | `/spip.php` | Medium
|
||||
43 | File | `/sqlitemanager/main.php?dbsel=-1%20or%2072%20=%2072` | High
|
||||
44 | File | `/staff/bookdetails.php` | High
|
||||
45 | File | `/uncpath/` | Medium
|
||||
46 | File | `/user/update_booking.php` | High
|
||||
47 | File | `/WEB-INF/web.xml` | High
|
||||
48 | File | `/Wedding-Management-PHP/admin/photos_add.php` | High
|
||||
49 | File | `/wireless/security.asp` | High
|
||||
50 | File | `/wordpress/wp-admin/options-general.php` | High
|
||||
51 | File | `/wp-content/plugins/woocommerce/templates/emails/plain/` | High
|
||||
52 | File | `01article.php` | High
|
||||
53 | File | `AbstractScheduleJob.java` | High
|
||||
54 | File | `actionphp/download.File.php` | High
|
||||
55 | File | `activenews_view.asp` | High
|
||||
56 | File | `adclick.php` | Medium
|
||||
57 | File | `addtocart.asp` | High
|
||||
58 | File | `admin.php` | Medium
|
||||
59 | File | `admin/abc.php` | High
|
||||
60 | ... | ... | ...
|
||||
60 | File | `admin/admin.php?action=users&mode=info&user=2` | High
|
||||
61 | File | `admin/admin/adminsave.html` | High
|
||||
62 | File | `admin/conf_users_edit.php` | High
|
||||
63 | ... | ... | ...
|
||||
|
||||
There are 529 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 552 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -24,7 +24,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [RU](https://vuldb.com/?country.ru)
|
||||
* ...
|
||||
|
||||
There are 24 more country items available. Please use our online service to access the data.
|
||||
There are 22 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -97,7 +97,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
|
@ -137,23 +137,23 @@ ID | Type | Indicator | Confidence
|
|||
24 | File | `/forum/away.php` | High
|
||||
25 | File | `/fos/admin/ajax.php?action=login` | High
|
||||
26 | File | `/fos/admin/index.php?page=menu` | High
|
||||
27 | File | `/goform/wizard_end` | High
|
||||
28 | File | `/home/masterConsole` | High
|
||||
29 | File | `/home/sendBroadcast` | High
|
||||
30 | File | `/hrm/employeeadd.php` | High
|
||||
31 | File | `/hrm/employeeview.php` | High
|
||||
32 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
33 | File | `/lookin/info` | Medium
|
||||
34 | File | `/medicines/profile.php` | High
|
||||
35 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
36 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
37 | File | `/out.php` | Medium
|
||||
38 | File | `/php-opos/index.php` | High
|
||||
39 | File | `/proxy` | Low
|
||||
40 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
41 | File | `/reports/rwservlet` | High
|
||||
42 | File | `/reservation/add_message.php` | High
|
||||
43 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
27 | File | `/home/masterConsole` | High
|
||||
28 | File | `/home/sendBroadcast` | High
|
||||
29 | File | `/hrm/employeeadd.php` | High
|
||||
30 | File | `/hrm/employeeview.php` | High
|
||||
31 | File | `/jsoa/hntdCustomDesktopActionContent` | High
|
||||
32 | File | `/lookin/info` | Medium
|
||||
33 | File | `/medicines/profile.php` | High
|
||||
34 | File | `/modules/caddyhttp/rewrite/rewrite.go` | High
|
||||
35 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
36 | File | `/php-opos/index.php` | High
|
||||
37 | File | `/proxy` | Low
|
||||
38 | File | `/public/launchNewWindow.jsp` | High
|
||||
39 | File | `/Redcock-Farm/farm/category.php` | High
|
||||
40 | File | `/reports/rwservlet` | High
|
||||
41 | File | `/reservation/add_message.php` | High
|
||||
42 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
43 | File | `/Session` | Medium
|
||||
44 | File | `/spip.php` | Medium
|
||||
45 | File | `/tmp` | Low
|
||||
46 | File | `/uncpath/` | Medium
|
||||
|
@ -161,9 +161,11 @@ ID | Type | Indicator | Confidence
|
|||
48 | File | `/video-sharing-script/watch-video.php` | High
|
||||
49 | File | `/wireless/security.asp` | High
|
||||
50 | File | `/xxl-job-admin/jobinfo` | High
|
||||
51 | ... | ... | ...
|
||||
51 | File | `01article.php` | High
|
||||
52 | File | `AbstractScheduleJob.java` | High
|
||||
53 | ... | ... | ...
|
||||
|
||||
There are 445 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 461 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -63,7 +63,7 @@ ID | Type | Indicator | Confidence
|
|||
13 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
14 | ... | ... | ...
|
||||
|
||||
There are 109 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 110 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -335,9 +335,10 @@ ID | Technique | Weakness | Description | Confidence
|
|||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -350,39 +351,46 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `/admin/index2.html` | High
|
||||
4 | File | `/admin/patient.php` | High
|
||||
5 | File | `/admin/scripts/pi-hole/phpqueryads.php` | High
|
||||
6 | File | `/adms/admin/?page=vehicles/sell_vehicle` | High
|
||||
7 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
8 | File | `/APR/login.php` | High
|
||||
9 | File | `/APR/signup.php` | High
|
||||
10 | File | `/as/authorization.oauth2` | High
|
||||
11 | File | `/bin/sh` | Low
|
||||
12 | File | `/boat/login.php` | High
|
||||
13 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
14 | File | `/cgi-bin/luci/api/auth` | High
|
||||
15 | File | `/cgi-bin/wapopen` | High
|
||||
16 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
17 | File | `/cimom` | Low
|
||||
18 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
19 | File | `/controller/OnlinePreviewController.java` | High
|
||||
20 | File | `/debug/pprof` | Medium
|
||||
21 | File | `/DXR.axd` | Medium
|
||||
22 | File | `/ecshop/admin/template.php` | High
|
||||
23 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
24 | File | `/etc/sudoers` | Medium
|
||||
25 | File | `/filemanager/php/connector.php` | High
|
||||
26 | File | `/forum/away.php` | High
|
||||
27 | File | `/forum/PostPrivateMessage` | High
|
||||
28 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
29 | File | `/IISADMPWD` | Medium
|
||||
30 | File | `/Moosikay/order.php` | High
|
||||
31 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
32 | File | `/net-banking/customer_transactions.php` | High
|
||||
33 | File | `/out.php` | Medium
|
||||
34 | File | `/pet_shop/admin/orders/update_status.php` | High
|
||||
35 | File | `/php-opos/index.php` | High
|
||||
36 | ... | ... | ...
|
||||
6 | File | `/APR/login.php` | High
|
||||
7 | File | `/APR/signup.php` | High
|
||||
8 | File | `/as/authorization.oauth2` | High
|
||||
9 | File | `/boat/login.php` | High
|
||||
10 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
11 | File | `/cgi-bin/luci/api/auth` | High
|
||||
12 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
13 | File | `/cgi-bin/wapopen` | High
|
||||
14 | File | `/cimom` | Low
|
||||
15 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
16 | File | `/controller/OnlinePreviewController.java` | High
|
||||
17 | File | `/DXR.axd` | Medium
|
||||
18 | File | `/ecshop/admin/template.php` | High
|
||||
19 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
20 | File | `/etc/sudoers` | Medium
|
||||
21 | File | `/filemanager/php/connector.php` | High
|
||||
22 | File | `/forum/away.php` | High
|
||||
23 | File | `/forum/PostPrivateMessage` | High
|
||||
24 | File | `/goform/addressNat` | High
|
||||
25 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
26 | File | `/IISADMPWD` | Medium
|
||||
27 | File | `/modules/projects/vw_files.php` | High
|
||||
28 | File | `/Moosikay/order.php` | High
|
||||
29 | File | `/mygym/admin/index.php?view_exercises` | High
|
||||
30 | File | `/net-banking/customer_transactions.php` | High
|
||||
31 | File | `/out.php` | Medium
|
||||
32 | File | `/pet_shop/admin/orders/update_status.php` | High
|
||||
33 | File | `/php-opos/index.php` | High
|
||||
34 | File | `/public/launchNewWindow.jsp` | High
|
||||
35 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
36 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
37 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
38 | File | `/tourism/rate_review.php` | High
|
||||
39 | File | `/uncpath/` | Medium
|
||||
40 | File | `/upload` | Low
|
||||
41 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
42 | File | `/wp-admin/admin-ajax.php` | High
|
||||
43 | ... | ... | ...
|
||||
|
||||
There are 308 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 372 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -60,7 +60,7 @@ ID | Type | Indicator | Confidence
|
|||
11 | File | `archiver\index.php` | High
|
||||
12 | ... | ... | ...
|
||||
|
||||
There are 91 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 92 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -103,7 +103,8 @@ ID | Technique | Weakness | Description | Confidence
|
|||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
|
@ -115,51 +116,46 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/+CSCOE+/logon.html` | High
|
||||
2 | File | `/admin/upload/upload` | High
|
||||
3 | File | `/apply_noauth.cgi` | High
|
||||
4 | File | `/bin/sh` | Low
|
||||
5 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
6 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
7 | File | `/ctcprotocol/Protocol` | High
|
||||
8 | File | `/debug/pprof` | Medium
|
||||
9 | File | `/ebics-server/ebics.aspx` | High
|
||||
10 | File | `/ecshop/admin/template.php` | High
|
||||
11 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
12 | File | `/forum/away.php` | High
|
||||
13 | File | `/forum/PostPrivateMessage` | High
|
||||
14 | File | `/HNAP1/SetClientInfo` | High
|
||||
15 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
16 | File | `/menu.html` | Medium
|
||||
17 | File | `/modules/snf/index.php` | High
|
||||
18 | File | `/net-banking/customer_transactions.php` | High
|
||||
19 | File | `/obs/book.php` | High
|
||||
20 | File | `/orrs/admin/?page=user/manage_user` | High
|
||||
21 | File | `/ossn/administrator/com_installer` | High
|
||||
22 | File | `/pms/update_user.php?user_id=1` | High
|
||||
23 | File | `/resources//../` | High
|
||||
24 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
25 | File | `/subtitles.php` | High
|
||||
26 | File | `/sys/dict/queryTableData` | High
|
||||
27 | File | `/user/upload/upload` | High
|
||||
28 | File | `/vendor` | Low
|
||||
29 | File | `/views/directive/sys/SysConfigDataDirective.java` | High
|
||||
30 | File | `accountrecoveryendpoint/recoverpassword.do` | High
|
||||
31 | File | `adclick.php` | Medium
|
||||
32 | File | `add_contestant.php` | High
|
||||
33 | File | `add_postit.php` | High
|
||||
34 | File | `admin.php` | Medium
|
||||
35 | File | `admin/index.php` | High
|
||||
36 | File | `admin/make_payments.php` | High
|
||||
37 | File | `admin/shophelp.php` | High
|
||||
38 | File | `admin/TemplateController.java` | High
|
||||
39 | File | `administration.jsp` | High
|
||||
40 | File | `adminquery.php` | High
|
||||
41 | File | `ansfaq.asp` | Medium
|
||||
42 | File | `ApiController.class.php` | High
|
||||
43 | File | `APKINDEX.tar.gz` | High
|
||||
44 | File | `app/parameters/sipity/parameters/search_criteria_for_works_parameter.rb` | High
|
||||
45 | ... | ... | ...
|
||||
3 | File | `/api/admin/system/store/order/list` | High
|
||||
4 | File | `/apply_noauth.cgi` | High
|
||||
5 | File | `/bin/sh` | Low
|
||||
6 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
7 | File | `/common/sysFile/list` | High
|
||||
8 | File | `/context/%2e/WEB-INF/web.xml` | High
|
||||
9 | File | `/ctcprotocol/Protocol` | High
|
||||
10 | File | `/debug/pprof` | Medium
|
||||
11 | File | `/ebics-server/ebics.aspx` | High
|
||||
12 | File | `/ecshop/admin/template.php` | High
|
||||
13 | File | `/etc/openstack-dashboard/local_settings` | High
|
||||
14 | File | `/forum/away.php` | High
|
||||
15 | File | `/forum/PostPrivateMessage` | High
|
||||
16 | File | `/goform/addressNat` | High
|
||||
17 | File | `/HNAP1/SetClientInfo` | High
|
||||
18 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
19 | File | `/menu.html` | Medium
|
||||
20 | File | `/net-banking/customer_transactions.php` | High
|
||||
21 | File | `/obs/book.php` | High
|
||||
22 | File | `/orrs/admin/?page=user/manage_user` | High
|
||||
23 | File | `/ossn/administrator/com_installer` | High
|
||||
24 | File | `/pms/update_user.php?user_id=1` | High
|
||||
25 | File | `/resources//../` | High
|
||||
26 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
27 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
|
||||
28 | File | `/subtitles.php` | High
|
||||
29 | File | `/sys/dict/queryTableData` | High
|
||||
30 | File | `/user/upload/upload` | High
|
||||
31 | File | `/vendor` | Low
|
||||
32 | File | `/views/directive/sys/SysConfigDataDirective.java` | High
|
||||
33 | File | `accountrecoveryendpoint/recoverpassword.do` | High
|
||||
34 | File | `Acl.asp` | Low
|
||||
35 | File | `adclick.php` | Medium
|
||||
36 | File | `add_contestant.php` | High
|
||||
37 | File | `add_postit.php` | High
|
||||
38 | File | `admin.php` | Medium
|
||||
39 | File | `admin/index.php` | High
|
||||
40 | ... | ... | ...
|
||||
|
||||
There are 386 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 345 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [CN](https://vuldb.com/?country.cn)
|
||||
* ...
|
||||
|
||||
There are 16 more country items available. Please use our online service to access the data.
|
||||
There are 9 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -155,14 +155,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-28, CWE-35 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80, CWE-85 | Cross Site Scripting | High
|
||||
5 | T1068 | CWE-250, CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-35 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 22 more TTP items available. Please use our online service to access the data.
|
||||
There are 20 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -170,49 +170,54 @@ These _indicators of attack_ (IOA) list the potential fragments used for technic
|
|||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `/addNotifyServlet` | High
|
||||
2 | File | `/admin/api/theme-edit/` | High
|
||||
3 | File | `/admin/conferences/get-all-status/` | High
|
||||
4 | File | `/adminui/history_log.php` | High
|
||||
5 | File | `/attachments` | Medium
|
||||
6 | File | `/bsms_ci/index.php/book` | High
|
||||
7 | File | `/classes/Master.php?f=delete_helmet` | High
|
||||
8 | File | `/cms/category/list` | High
|
||||
9 | File | `/common/run_cross_report.php` | High
|
||||
10 | File | `/debug/pprof` | Medium
|
||||
11 | File | `/Default/Bd` | Medium
|
||||
12 | File | `/download` | Medium
|
||||
13 | File | `/etc/hosts` | Medium
|
||||
14 | File | `/etc/passwd` | Medium
|
||||
15 | File | `/face-recognition-php/facepay-master/camera.php` | High
|
||||
16 | File | `/goform/SysToolChangePwd` | High
|
||||
17 | File | `/goform/WifiBasicSet` | High
|
||||
18 | File | `/hardware` | Medium
|
||||
19 | File | `/hrm/employeeview.php` | High
|
||||
20 | File | `/hss/?page=view_product` | High
|
||||
21 | File | `/index.php?module=configuration/application` | High
|
||||
1 | File | `/admin.php/accessory/filesdel.html` | High
|
||||
2 | File | `/admin/?page=user/manage` | High
|
||||
3 | File | `/admin/add-new.php` | High
|
||||
4 | File | `/admin/api/theme-edit/` | High
|
||||
5 | File | `/admin/conferences/get-all-status/` | High
|
||||
6 | File | `/admin/doctors.php` | High
|
||||
7 | File | `/admin/index3.php` | High
|
||||
8 | File | `/adminui/history_log.php` | High
|
||||
9 | File | `/adms/admin/?page=vehicles/view_transaction` | High
|
||||
10 | File | `/alphaware/summary.php` | High
|
||||
11 | File | `/boat/login.php` | High
|
||||
12 | File | `/bsms_ci/index.php/book` | High
|
||||
13 | File | `/check` | Low
|
||||
14 | File | `/classes/Master.php?f=delete_helmet` | High
|
||||
15 | File | `/common/run_cross_report.php` | High
|
||||
16 | File | `/CPE` | Low
|
||||
17 | File | `/debug/pprof` | Medium
|
||||
18 | File | `/download` | Medium
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/goform/SysToolChangePwd` | High
|
||||
21 | File | `/goform/WifiBasicSet` | High
|
||||
22 | File | `/index/user/user_edit.html` | High
|
||||
23 | File | `/lib` | Low
|
||||
24 | File | `/login` | Low
|
||||
25 | File | `/login/index.php` | High
|
||||
26 | File | `/pages/faculty_sched.php` | High
|
||||
27 | File | `/product/savenewproduct.php?flag=1` | High
|
||||
28 | File | `/proxy` | Low
|
||||
29 | File | `/tmp` | Low
|
||||
30 | File | `/tmp/app/.env` | High
|
||||
31 | File | `/user/loader.php?api=1` | High
|
||||
32 | File | `/v1/sql-runner` | High
|
||||
33 | File | `/var/tmp/audacity-$USER` | High
|
||||
34 | File | `/wp-json/wc/v3/webhooks` | High
|
||||
35 | File | `account_change.php` | High
|
||||
36 | File | `actions/UploadAction.php` | High
|
||||
37 | File | `ActivityRecord.java` | High
|
||||
38 | File | `admin.php` | Medium
|
||||
39 | File | `admin/manage_user.php` | High
|
||||
40 | File | `admin/page-login.php` | High
|
||||
41 | ... | ... | ...
|
||||
23 | File | `/login/index.php` | High
|
||||
24 | File | `/medicines/profile.php` | High
|
||||
25 | File | `/MIME/INBOX-MM-1/` | High
|
||||
26 | File | `/Moosikay/order.php` | High
|
||||
27 | File | `/param.file.tgz` | High
|
||||
28 | File | `/php-inventory-management-system/product.php` | High
|
||||
29 | File | `/public/plugins/` | High
|
||||
30 | File | `/public_html/users.php` | High
|
||||
31 | File | `/reservation/add_message.php` | High
|
||||
32 | File | `/spip.php` | Medium
|
||||
33 | File | `/system/UserMapper.xml` | High
|
||||
34 | File | `/tmp` | Low
|
||||
35 | File | `/user/loader.php?api=1` | High
|
||||
36 | File | `/user/s.php` | Medium
|
||||
37 | File | `/v1/sql-runner` | High
|
||||
38 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
39 | File | `/video-sharing-script/watch-video.php` | High
|
||||
40 | File | `/web/index.php` | High
|
||||
41 | File | `/wireless/guestnetwork.asp` | High
|
||||
42 | File | `AcquisiAction.class.php` | High
|
||||
43 | File | `actions/UploadAction.php` | High
|
||||
44 | File | `ActivityManagerService.java` | High
|
||||
45 | File | `adclick.php` | Medium
|
||||
46 | ... | ... | ...
|
||||
|
||||
There are 353 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 394 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
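Review bot: In the TTP table of this section, the row `4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High` carries the same description as the T1059.007 row beneath it, although none of its listed weaknesses is a cross-site-scripting CWE (CWE-79 and CWE-80 sit on row 5). Anyone mapping these rows to detections or mitigations would read an argument/code-injection entry as XSS. If the description column is generated, the label attached to T1059 looks wrong at the generator; I would change the row to `4 | T1059 | CWE-88, CWE-94, CWE-1321 | Code Injection | High`. The same label appears on the T1059 rows of the other TTP tables in this commit (the `@ -335,9 +335,10`, `@ -103,7 +103,8`, `@ -287,13 +287,14` and `@ -40,7 +40,7` hunks).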
|
|
|
@ -0,0 +1,60 @@
|
|||
# Holy See Unknown - Cyber Threat Intelligence
|
||||
|
||||
These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Holy See Unknown](https://vuldb.com/?actor.holy_see_unknown). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
|
||||
|
||||
_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.holy_see_unknown](https://vuldb.com/?actor.holy_see_unknown)
|
||||
|
||||
## Countries
|
||||
|
||||
These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with Holy See Unknown:
|
||||
|
||||
* [IT](https://vuldb.com/?country.it)
|
||||
* [DE](https://vuldb.com/?country.de)
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Holy See Unknown.
|
||||
|
||||
ID | IP address | Hostname | Campaign | Confidence
|
||||
-- | ---------- | -------- | -------- | ----------
|
||||
1 | [57.79.216.0](https://vuldb.com/?ip.57.79.216.0) | - | - | High
|
||||
2 | [81.208.94.0](https://vuldb.com/?ip.81.208.94.0) | - | - | High
|
||||
3 | [185.17.220.0](https://vuldb.com/?ip.185.17.220.0) | - | - | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 8 more IOC items available. Please use our online service to access the data.
|
||||
|
||||
## TTP - Tactics, Techniques, Procedures
|
||||
|
||||
_Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK techniques used by _Holy See Unknown_. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-22 | Pathname Traversal | High
|
||||
2 | T1068 | CWE-264, CWE-269 | Execution with Unnecessary Privileges | High
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
These _indicators of attack_ (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration by Holy See Unknown. This data is unique as it uses our predictive model for actor profiling.
|
||||
|
||||
ID | Type | Indicator | Confidence
|
||||
-- | ---- | --------- | ----------
|
||||
1 | File | `login.cgi` | Medium
|
||||
2 | Network Port | `Web Server Port` | High
|
||||
|
||||
## References
|
||||
|
||||
The following list contains _external sources_ which discuss the actor and the associated activities:
|
||||
|
||||
* https://github.com/firehol/blocklist-ipsets/blob/master/ip2location_country/ip2location_country_va.netset
|
||||
|
||||
## Literature
|
||||
|
||||
The following _articles_ explain our unique predictive cyber threat intelligence:
|
||||
|
||||
* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
|
||||
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
|
||||
|
||||
## License
|
||||
|
||||
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!
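Review bot: The IOC table in this new file lists `57.79.216.0`, `81.208.94.0` and `185.17.220.0` with confidence High, but the only source under References is a country geolocation netset (`ip2location_country_va.netset`). The entries therefore look like base addresses of country-allocated ranges rather than observed hosts, and no prefix length is given. A consumer loading the table into a blocklist would either match a single unused address or, with a guessed prefix, block unrelated traffic. I would add a line under the table such as `These entries are network ranges derived from country geolocation data; use them for enrichment, not as confirmed malicious hosts.` and give each range in CIDR form.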
|
|
@ -287,13 +287,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-22, CWE-23, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-294, CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
4 | T1059 | CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 16 more TTP items available. Please use our online service to access the data.
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -303,32 +304,39 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/.env` | Low
|
||||
2 | File | `//` | Low
|
||||
3 | File | `/api/admin/system/store/order/list` | High
|
||||
4 | File | `/api/blade-log/api/list` | High
|
||||
5 | File | `/api/jmeter/download/files` | High
|
||||
6 | File | `/api/v2/cli/commands` | High
|
||||
7 | File | `/APR/login.php` | High
|
||||
8 | File | `/as/authorization.oauth2` | High
|
||||
9 | File | `/bsms_ci/index.php` | High
|
||||
10 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
11 | File | `/cgi-bin/luci/api/auth` | High
|
||||
12 | File | `/cgi-bin/system_mgr.cgi` | High
|
||||
13 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
14 | File | `/DXR.axd` | Medium
|
||||
15 | File | `/ecshop/admin/template.php` | High
|
||||
16 | File | `/filemanager/php/connector.php` | High
|
||||
17 | File | `/files/import` | High
|
||||
18 | File | `/forum/away.php` | High
|
||||
19 | File | `/forum/PostPrivateMessage` | High
|
||||
20 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
21 | File | `/hrm/employeeview.php` | High
|
||||
22 | File | `/Moosikay/order.php` | High
|
||||
23 | File | `/net-banking/customer_transactions.php` | High
|
||||
24 | File | `/net-banking/send_funds.php` | High
|
||||
25 | File | `/out.php` | Medium
|
||||
26 | ... | ... | ...
|
||||
3 | File | `/admin/patient.php` | High
|
||||
4 | File | `/api/admin/system/store/order/list` | High
|
||||
5 | File | `/api/blade-log/api/list` | High
|
||||
6 | File | `/api/jmeter/download/files` | High
|
||||
7 | File | `/api/v2/cli/commands` | High
|
||||
8 | File | `/APR/login.php` | High
|
||||
9 | File | `/as/authorization.oauth2` | High
|
||||
10 | File | `/bsms_ci/index.php` | High
|
||||
11 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
12 | File | `/cgi-bin/luci/api/auth` | High
|
||||
13 | File | `/cgi-bin/system_mgr.cgi` | High
|
||||
14 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
15 | File | `/DXR.axd` | Medium
|
||||
16 | File | `/ecshop/admin/template.php` | High
|
||||
17 | File | `/filemanager/php/connector.php` | High
|
||||
18 | File | `/files/import` | High
|
||||
19 | File | `/forum/away.php` | High
|
||||
20 | File | `/forum/PostPrivateMessage` | High
|
||||
21 | File | `/home/www/cgi-bin/login.cgi` | High
|
||||
22 | File | `/hrm/employeeview.php` | High
|
||||
23 | File | `/librarian/bookdetails.php` | High
|
||||
24 | File | `/modules/projects/vw_files.php` | High
|
||||
25 | File | `/Moosikay/order.php` | High
|
||||
26 | File | `/net-banking/customer_transactions.php` | High
|
||||
27 | File | `/out.php` | Medium
|
||||
28 | File | `/reservation/add_message.php` | High
|
||||
29 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
30 | File | `/tmp/boa-temp` | High
|
||||
31 | File | `/usr/sbin/suexec` | High
|
||||
32 | File | `/wp-admin/admin-ajax.php` | High
|
||||
33 | ... | ... | ...
|
||||
|
||||
There are 216 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 285 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -40,7 +40,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
3 | T1059 | CWE-94 | Cross Site Scripting | High
|
||||
4 | ... | ... | ... | ...
|
||||
|
||||
There are 13 more TTP items available. Please use our online service to access the data.
|
||||
There are 14 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -52,15 +52,15 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/mgmt/tm/util/bash` | High
|
||||
3 | File | `/mifs/c/i/reg/reg.html` | High
|
||||
4 | File | `/secure/ViewCollectors` | High
|
||||
5 | File | `/xAdmin/html/cm_doclist_view_uc.jsp` | High
|
||||
6 | File | `adclick.php` | Medium
|
||||
7 | File | `add_comment.php` | High
|
||||
8 | File | `cgi-bin/awstats.pl` | High
|
||||
9 | File | `checkout.cfm` | Medium
|
||||
10 | File | `Config/SaveUploadedHotspotLogoFile` | High
|
||||
5 | File | `/Session` | Medium
|
||||
6 | File | `/xAdmin/html/cm_doclist_view_uc.jsp` | High
|
||||
7 | File | `adclick.php` | Medium
|
||||
8 | File | `add_comment.php` | High
|
||||
9 | File | `cgi-bin/awstats.pl` | High
|
||||
10 | File | `checkout.cfm` | Medium
|
||||
11 | ... | ... | ...
|
||||
|
||||
There are 81 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 83 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -52,7 +52,7 @@ ID | Technique | Weakness | Description | Confidence
|
|||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
There are 18 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -85,7 +85,8 @@ ID | Type | Indicator | Confidence
|
|||
23 | File | `/tlogin.cgi` | Medium
|
||||
24 | File | `/tmp/scfgdndf` | High
|
||||
25 | File | `/uncpath/` | Medium
|
||||
26 | ... | ... | ...
|
||||
26 | File | `/upload` | Low
|
||||
27 | ... | ... | ...
|
||||
|
||||
There are 223 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
|
|
|
@ -19,7 +19,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [LA](https://vuldb.com/?country.la)
|
||||
* ...
|
||||
|
||||
There are 18 more country items available. Please use our online service to access the data.
|
||||
There are 19 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -68,65 +68,68 @@ ID | Type | Indicator | Confidence
|
|||
-- | ---- | --------- | ----------
|
||||
1 | File | `/admin/contenttemp` | High
|
||||
2 | File | `/admin/dl_sendmail.php` | High
|
||||
3 | File | `/api/files/` | Medium
|
||||
4 | File | `/api/trackedEntityInstances` | High
|
||||
5 | File | `/api/v2/cli/commands` | High
|
||||
6 | File | `/app/Http/Controllers/Admin/NEditorController.php` | High
|
||||
7 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
8 | File | `/de/cgi/dfs_guest/` | High
|
||||
9 | File | `/filemanager/upload.php` | High
|
||||
10 | File | `/GponForm/fsetup_Form` | High
|
||||
11 | File | `/include/makecvs.php` | High
|
||||
12 | File | `/includes/event-management/index.php` | High
|
||||
13 | File | `/index.php` | Medium
|
||||
14 | File | `/lab.html` | Medium
|
||||
15 | File | `/Main_AdmStatus_Content.asp` | High
|
||||
16 | File | `/member/picture/album` | High
|
||||
17 | File | `/mgmt/tm/util/bash` | High
|
||||
18 | File | `/mifs/c/i/reg/reg.html` | High
|
||||
19 | File | `/modules/profile/index.php` | High
|
||||
20 | File | `/out.php` | Medium
|
||||
21 | File | `/products/details.asp` | High
|
||||
22 | File | `/requests.php` | High
|
||||
23 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
24 | File | `/secure/ViewCollectors` | High
|
||||
25 | File | `/services/details.asp` | High
|
||||
26 | File | `/spip.php` | Medium
|
||||
27 | File | `/SysInfo.htm` | Medium
|
||||
28 | File | `/uncpath/` | Medium
|
||||
29 | File | `/usr/local/WowzaStreamingEngine/bin/` | High
|
||||
30 | File | `/usr/syno/etc/mount.conf` | High
|
||||
31 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
32 | File | `/vendor` | Low
|
||||
33 | File | `/wp-admin/admin.php?page=wp_file_manager_properties` | High
|
||||
34 | File | `/wp/?cpmvc_id=1&cpmvc_do_action=mvparse&f=datafeed&calid=1&month_index=1&method=adddetails&id=2` | High
|
||||
35 | File | `/xAdmin/html/cm_doclist_view_uc.jsp` | High
|
||||
36 | File | `a-b-membres.php` | High
|
||||
37 | File | `actions.php` | Medium
|
||||
38 | File | `adclick.php` | Medium
|
||||
39 | File | `add.php` | Low
|
||||
40 | File | `addtocart.asp` | High
|
||||
41 | File | `add_2_basket.asp` | High
|
||||
42 | File | `add_comment.php` | High
|
||||
43 | File | `admin.jcomments.php` | High
|
||||
44 | File | `admin.php` | Medium
|
||||
45 | File | `admin.php/comments/batchdel/` | High
|
||||
46 | File | `admin/aboutus.php` | High
|
||||
47 | File | `admin/adm/test.php` | High
|
||||
48 | File | `admin/bitrix.mpbuilder_step2.php` | High
|
||||
49 | File | `admin/conf_users_edit.php` | High
|
||||
50 | File | `admin/media.php` | High
|
||||
51 | File | `admin/vqmods.app/vqmods.inc.php` | High
|
||||
52 | File | `adminer.php` | Medium
|
||||
53 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
54 | File | `admin\controller\uploadfile.php` | High
|
||||
55 | File | `agora.cgi` | Medium
|
||||
56 | File | `album_portal.php` | High
|
||||
57 | File | `al_initialize.php` | High
|
||||
58 | File | `application/modules/admin/views/ecommerce/products.php` | High
|
||||
59 | ... | ... | ...
|
||||
3 | File | `/admin/store.php` | High
|
||||
4 | File | `/api/files/` | Medium
|
||||
5 | File | `/api/trackedEntityInstances` | High
|
||||
6 | File | `/api/user/password/sent-reset-email` | High
|
||||
7 | File | `/api/v2/cli/commands` | High
|
||||
8 | File | `/app/Http/Controllers/Admin/NEditorController.php` | High
|
||||
9 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
10 | File | `/de/cgi/dfs_guest/` | High
|
||||
11 | File | `/filemanager/upload.php` | High
|
||||
12 | File | `/forum/away.php` | High
|
||||
13 | File | `/GponForm/fsetup_Form` | High
|
||||
14 | File | `/include/makecvs.php` | High
|
||||
15 | File | `/includes/event-management/index.php` | High
|
||||
16 | File | `/index.php` | Medium
|
||||
17 | File | `/lab.html` | Medium
|
||||
18 | File | `/Main_AdmStatus_Content.asp` | High
|
||||
19 | File | `/member/picture/album` | High
|
||||
20 | File | `/mgmt/tm/util/bash` | High
|
||||
21 | File | `/mifs/c/i/reg/reg.html` | High
|
||||
22 | File | `/modules/profile/index.php` | High
|
||||
23 | File | `/out.php` | Medium
|
||||
24 | File | `/plugins/servlet/gadgets/makeRequest` | High
|
||||
25 | File | `/products/details.asp` | High
|
||||
26 | File | `/public/plugins/` | High
|
||||
27 | File | `/requests.php` | High
|
||||
28 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
29 | File | `/secure/ViewCollectors` | High
|
||||
30 | File | `/services/details.asp` | High
|
||||
31 | File | `/Session` | Medium
|
||||
32 | File | `/spip.php` | Medium
|
||||
33 | File | `/SysInfo.htm` | Medium
|
||||
34 | File | `/uncpath/` | Medium
|
||||
35 | File | `/usr/local/WowzaStreamingEngine/bin/` | High
|
||||
36 | File | `/usr/syno/etc/mount.conf` | High
|
||||
37 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
38 | File | `/vendor` | Low
|
||||
39 | File | `/wp-admin/admin.php?page=wp_file_manager_properties` | High
|
||||
40 | File | `/wp/?cpmvc_id=1&cpmvc_do_action=mvparse&f=datafeed&calid=1&month_index=1&method=adddetails&id=2` | High
|
||||
41 | File | `/xAdmin/html/cm_doclist_view_uc.jsp` | High
|
||||
42 | File | `a-b-membres.php` | High
|
||||
43 | File | `actions.php` | Medium
|
||||
44 | File | `adclick.php` | Medium
|
||||
45 | File | `add.php` | Low
|
||||
46 | File | `addtocart.asp` | High
|
||||
47 | File | `add_2_basket.asp` | High
|
||||
48 | File | `add_comment.php` | High
|
||||
49 | File | `admin.jcomments.php` | High
|
||||
50 | File | `admin.php` | Medium
|
||||
51 | File | `admin.php/comments/batchdel/` | High
|
||||
52 | File | `admin/aboutus.php` | High
|
||||
53 | File | `admin/adm/test.php` | High
|
||||
54 | File | `admin/article_save.php` | High
|
||||
55 | File | `admin/bitrix.mpbuilder_step2.php` | High
|
||||
56 | File | `admin/conf_users_edit.php` | High
|
||||
57 | File | `admin/media.php` | High
|
||||
58 | File | `admin/vqmods.app/vqmods.inc.php` | High
|
||||
59 | File | `adminer.php` | Medium
|
||||
60 | File | `administrator/components/com_media/helpers/media.php` | High
|
||||
61 | File | `admin\controller\uploadfile.php` | High
|
||||
62 | ... | ... | ...
|
||||
|
||||
There are 517 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 543 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -60,7 +60,7 @@ ID | Type | Indicator | Confidence
|
|||
14 | File | `admin/area.php` | High
|
||||
15 | ... | ... | ...
|
||||
|
||||
There are 121 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 122 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -26,7 +26,7 @@ These _countries_ are directly (e.g. origin of attacks) or indirectly (e.g. acce
|
|||
* [US](https://vuldb.com/?country.us)
|
||||
* ...
|
||||
|
||||
There are 13 more country items available. Please use our online service to access the data.
|
||||
There are 10 more country items available. Please use our online service to access the data.
|
||||
|
||||
## IOC - Indicator of Compromise
|
||||
|
||||
|
@ -274,7 +274,7 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-37, CWE-425 | Pathname Traversal | High
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-37, CWE-425 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High
|
||||
|
@ -292,36 +292,36 @@ ID | Type | Indicator | Confidence
|
|||
2 | File | `/Admin/add-student.php` | High
|
||||
3 | File | `/advanced-tools/nova/bin/netwatch` | High
|
||||
4 | File | `/api/jmeter/download/files` | High
|
||||
5 | File | `/api/v1/attack/falco` | High
|
||||
6 | File | `/APR/login.php` | High
|
||||
7 | File | `/aya/module/admin/fst_down.inc.php` | High
|
||||
8 | File | `/boat/login.php` | High
|
||||
9 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
10 | File | `/cgi-bin/R14.2/easy1350.pl` | High
|
||||
11 | File | `/cgi-bin/R14.2/log.pl` | High
|
||||
5 | File | `/api/upload` | Medium
|
||||
6 | File | `/api/v1/attack/falco` | High
|
||||
7 | File | `/APR/login.php` | High
|
||||
8 | File | `/aya/module/admin/fst_down.inc.php` | High
|
||||
9 | File | `/boat/login.php` | High
|
||||
10 | File | `/bsms_ci/index.php/user/edit_user/` | High
|
||||
11 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
12 | File | `/DXR.axd` | Medium
|
||||
13 | File | `/ebics-server/ebics.aspx` | High
|
||||
14 | File | `/etc/tomcat8/Catalina/attack` | High
|
||||
15 | File | `/files/import` | High
|
||||
16 | File | `/forum/away.php` | High
|
||||
17 | File | `/HNAP1/SetClientInfo` | High
|
||||
18 | File | `/ims/login.php` | High
|
||||
14 | File | `/files/import` | High
|
||||
15 | File | `/forum/away.php` | High
|
||||
16 | File | `/HNAP1/SetClientInfo` | High
|
||||
17 | File | `/ims/login.php` | High
|
||||
18 | File | `/j_security_check` | High
|
||||
19 | File | `/librarian/bookdetails.php` | High
|
||||
20 | File | `/login/index.php` | High
|
||||
21 | File | `/mhds/clinic/view_details.php` | High
|
||||
22 | File | `/Moosikay/order.php` | High
|
||||
23 | File | `/nova/bin/detnet` | High
|
||||
24 | File | `/out.php` | Medium
|
||||
25 | File | `/php-opos/index.php` | High
|
||||
26 | File | `/resources//../` | High
|
||||
27 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
28 | File | `/sys/dict/queryTableData` | High
|
||||
29 | File | `/tmp/boa-temp` | High
|
||||
30 | File | `/tourism/rate_review.php` | High
|
||||
31 | File | `/uncpath/` | Medium
|
||||
20 | File | `/Moosikay/order.php` | High
|
||||
21 | File | `/nova/bin/detnet` | High
|
||||
22 | File | `/out.php` | Medium
|
||||
23 | File | `/php-opos/index.php` | High
|
||||
24 | File | `/resources//../` | High
|
||||
25 | File | `/reviewer_0/admins/assessments/pretest/questions-view.php` | High
|
||||
26 | File | `/squashfs-root/www/HNAP1/control/SetMasterWLanSettings.php` | High
|
||||
27 | File | `/sys/dict/queryTableData` | High
|
||||
28 | File | `/tmp/boa-temp` | High
|
||||
29 | File | `/tourism/rate_review.php` | High
|
||||
30 | File | `/uncpath/` | Medium
|
||||
31 | File | `/wp-json` | Medium
|
||||
32 | ... | ... | ...
|
||||
|
||||
There are 274 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 268 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -60,7 +60,7 @@ ID | Type | Indicator | Confidence
|
|||
11 | File | `admin/menus/edit.php` | High
|
||||
12 | ... | ... | ...
|
||||
|
||||
There are 89 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 90 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|
|
@ -48,13 +48,14 @@ _Tactics, techniques, and procedures_ (TTP) summarize the suspected MITRE ATT&CK
|
|||
|
||||
ID | Technique | Weakness | Description | Confidence
|
||||
-- | --------- | -------- | ----------- | ----------
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24, CWE-28 | Pathname Traversal | High
|
||||
2 | T1055 | CWE-74 | Injection | High
|
||||
3 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
5 | ... | ... | ... | ...
|
||||
1 | T1006 | CWE-21, CWE-22, CWE-23, CWE-24 | Pathname Traversal | High
|
||||
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | High
|
||||
3 | T1055 | CWE-74 | Injection | High
|
||||
4 | T1059 | CWE-88, CWE-94, CWE-1321 | Cross Site Scripting | High
|
||||
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High
|
||||
6 | ... | ... | ... | ...
|
||||
|
||||
There are 17 more TTP items available. Please use our online service to access the data.
|
||||
There are 19 more TTP items available. Please use our online service to access the data.
|
||||
|
||||
## IOA - Indicator of Attack
|
||||
|
||||
|
@ -67,36 +68,38 @@ ID | Type | Indicator | Confidence
|
|||
3 | File | `/admin/patient.php` | High
|
||||
4 | File | `/as/authorization.oauth2` | High
|
||||
5 | File | `/blogengine/api/posts` | High
|
||||
6 | File | `/cgi-bin/api-get_line_status` | High
|
||||
7 | File | `/cgi-bin/luci` | High
|
||||
8 | File | `/cgi-bin/luci/api/auth` | High
|
||||
9 | File | `/cgi-bin/nobody/VerifyCode.cgi` | High
|
||||
10 | File | `/cgi-bin/upload_vpntar` | High
|
||||
11 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
12 | File | `/cgi/trustclustermaster.cgi` | High
|
||||
13 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
14 | File | `/debug/pprof` | Medium
|
||||
15 | File | `/DXR.axd` | Medium
|
||||
16 | File | `/export` | Low
|
||||
17 | File | `/filemanager/php/connector.php` | High
|
||||
18 | File | `/forum/away.php` | High
|
||||
19 | File | `/goform/SetPptpServerCfg` | High
|
||||
20 | File | `/h/calendar` | Medium
|
||||
21 | File | `/js/app.js` | Medium
|
||||
22 | File | `/login/index.php` | High
|
||||
23 | File | `/obs/book.php` | High
|
||||
24 | File | `/products/view_product.php` | High
|
||||
25 | File | `/public/login.htm` | High
|
||||
26 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
27 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
28 | File | `/services/view_service.php` | High
|
||||
29 | File | `/shell` | Low
|
||||
30 | File | `/spip.php` | Medium
|
||||
31 | File | `/uncpath/` | Medium
|
||||
32 | File | `/usr/bin/tddp` | High
|
||||
33 | ... | ... | ...
|
||||
6 | File | `/cgi-bin/luci/api/auth` | High
|
||||
7 | File | `/cgi-bin/nobody/VerifyCode.cgi` | High
|
||||
8 | File | `/cgi-bin/supervisor/PwdGrp.cgi` | High
|
||||
9 | File | `/cgi-bin/upload_vpntar` | High
|
||||
10 | File | `/cgi-bin/wlogin.cgi` | High
|
||||
11 | File | `/Content/Template/root/reverse-shell.aspx` | High
|
||||
12 | File | `/debug/pprof` | Medium
|
||||
13 | File | `/DXR.axd` | Medium
|
||||
14 | File | `/filemanager/php/connector.php` | High
|
||||
15 | File | `/forum/away.php` | High
|
||||
16 | File | `/login/index.php` | High
|
||||
17 | File | `/mhds/clinic/view_details.php` | High
|
||||
18 | File | `/modules/projects/vw_files.php` | High
|
||||
19 | File | `/obs/book.php` | High
|
||||
20 | File | `/products/view_product.php` | High
|
||||
21 | File | `/public/login.htm` | High
|
||||
22 | File | `/rukovoditel/index.php?module=users/login` | High
|
||||
23 | File | `/secure/QueryComponent!Default.jspa` | High
|
||||
24 | File | `/shell` | Low
|
||||
25 | File | `/spip.php` | Medium
|
||||
26 | File | `/uncpath/` | Medium
|
||||
27 | File | `/usr/bin/tddp` | High
|
||||
28 | File | `/var/WEB-GUI/cgi-bin/telnet.cgi` | High
|
||||
29 | File | `/vendor/htmlawed/htmlawed/htmLawedTest.php` | High
|
||||
30 | File | `/wp-admin/admin-ajax.php` | High
|
||||
31 | File | `/wp-admin/options.php` | High
|
||||
32 | File | `/wp-json/wc/v3/webhooks` | High
|
||||
33 | File | `adclick.php` | Medium
|
||||
34 | File | `admin.php` | Medium
|
||||
35 | ... | ... | ...
|
||||
|
||||
There are 280 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
There are 295 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.
|
||||
|
||||
## References
|
||||
|
||||
|
|